
Ensure that the Expiration Date is set for all Keys in RBAC Key Vaults

Why This Matters

Without an explicit expiration date, cryptographic keys in Azure Key Vault remain valid indefinitely. This increases the risk that a compromised or outdated key continues to be used for encrypting data, wrapping keys, or signing operations. Setting expiration dates enforces periodic key rotation, reducing the attack surface and ensuring compliance with security best practices.

What Aether365 Checks

Aether365 verifies that all keys in Role-Based Access Control (RBAC) enabled Azure Key Vaults have a defined expiration date. This check appears in your Aether365 dashboard under the Azure Key Vault checks section.
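The same condition can be audited by hand from Azure CLI JSON output. The following is an added example, not Aether365's own implementation: it assumes the vault objects come from `az keyvault show` and the key lists from `az keyvault key list`, and the vault and key names in the sample data are constructed.

```python
import json

# Constructed sample data shaped like Azure CLI JSON output (not real vaults).
# VAULTS: one `az keyvault show` result per vault.
# KEYS: the `az keyvault key list` result for each vault, keyed by vault name.
VAULTS = json.loads("""[
  {"name": "kv-rbac-demo",   "properties": {"enableRbacAuthorization": true}},
  {"name": "kv-policy-demo", "properties": {"enableRbacAuthorization": false}}
]""")
KEYS = json.loads("""{
  "kv-rbac-demo": [
    {"name": "wrap-key",
     "attributes": {"enabled": true, "expires": "2026-01-31T00:00:00+00:00"}},
    {"name": "sign-key", "attributes": {"enabled": true, "expires": null}},
    {"name": "old-key",  "attributes": {"enabled": false}}
  ],
  "kv-policy-demo": [
    {"name": "legacy-key", "attributes": {"enabled": true, "expires": null}}
  ]
}""")


def is_rbac_vault(vault):
    """True when the vault uses Azure RBAC rather than access policies."""
    return bool((vault.get("properties") or {}).get("enableRbacAuthorization"))


def keys_without_expiration(vaults, keys_by_vault):
    """Return (vault, key, enabled) for every key in an RBAC vault with no expiry."""
    findings = []
    for vault in vaults:
        if not is_rbac_vault(vault):
            continue  # access-policy vaults are outside this check's scope
        for key in keys_by_vault.get(vault["name"], []):
            attrs = key.get("attributes") or {}
            if not attrs.get("expires"):  # missing, null and "" all count as unset
                findings.append(
                    (vault["name"], key["name"], bool(attrs.get("enabled"))))
    return findings


if __name__ == "__main__":
    for vault, key, enabled in keys_without_expiration(VAULTS, KEYS):
        print(f"{vault}/{key}: no expiration date (enabled={enabled})")
```

Disabled keys are reported as well, with their state shown, because the check covers all keys in the vault.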

Microsoft references
