Policy: Azure > Key Vault > Key > Expiration

Define the expiration setting required for Azure > Key Vault > Key.

Enabling key expiration ensures compliance with security policies by validating that all keys are configured to expire, thereby preventing unauthorized, prolonged use of outdated or potentially compromised keys.

Targets

This policy targets the following resource types:

Azure > Key Vault > Key

Days [Default]

Controls

Setting this policy configures this control:

Azure > Key Vault > Key > Expiration

Policy Packs

This policy setting is used by the following policy packs:

Azure CIS v2.0.0 - Section 8 - Key Vault

Policy Specification

Schema Type	`string`
Default	`Skip`
Valid Values [YAML]	`Skip` `Check: Expiration` `Enforce: Expiration`
Examples [YAML]	`Check: Expiration`

In Your Workspace

Policy Settings by Type report

Developers

Category URI

tmod:@turbot/turbot#/control/categories/security

Policy Type URI

tmod:@turbot/azure-keyvault#/policy/types/keyExpiration

GraphQL

query policyType(id: "tmod:@turbot/azure-keyvault#/policy/types/keyExpiration") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/azure-keyvault#/policy/types/keyExpiration'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/azure-keyvault#/policy/types/keyExpiration'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/azure-keyvault#/policy/types/keyExpiration"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/azure-keyvault#/policy/types/keyExpiration"

Policy: Azure > Key Vault > Key > Expiration

Targets

Related Policies

Controls

Policy Packs

Policy Specification

Category

In Your Workspace

Developers

Policy: Azure > Key Vault > Key > Expiration

Targets

Related Policies

Controls

Policy Packs

Policy Specification

Category

In Your Workspace

Developers