Ensure that the Expiration Date is set for all Secrets in Non-RBAC Key Vaults
Why This Matters
Secrets stored in Azure Key Vault without expiration dates can be forgotten and remain active indefinitely. This creates a significant security risk, as compromised or outdated secrets may be exploited by attackers. Setting expiration dates ensures secrets are rotated automatically and cannot be used beyond their intended lifetime, reducing the attack surface.
What Aether365 Checks
Aether365 verifies that all secrets in non-RBAC Azure Key Vaults have an expiration date configured. This check appears in your Aether365 dashboard under the azure-azure-keyvault category.