Control: GCP > CIS v1 > 1 Identity and Access Management > 1.06 Ensure user-managed/external keys for service accounts are rotated every 90 days or less (Scored)
Configures auditing against a CIS Benchmark item.
Level: 1 (Scored)
Rotating Service Account keys will reduce the window of opportunity for an access key that is associated with a compromised or terminated account to be used. Service Account keys should be rotated to ensure that data cannot be accessed with an old key which might have been lost, cracked, or stolen.
Resource Types
This control targets the following resource types:
Primary Policies
The following policies can be used to configure this control:
Category
In Your Workspace
Developers
- tmod:@turbot/gcp-cisv1#/control/types/r0106
- tmod:@turbot/cis#/control/categories/v071602
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/gcp-cisv1#/control/types/r0106"
Get Controls
Control Type URI
Category URI
GraphQL
CLI