Ensure that the Expiration Date is set for all Secrets in RBAC Key Vaults
Why This Matters
Secrets in Azure Key Vault that never expire present a persistent security risk. If a secret is compromised, there is no automatic mechanism to limit its misuse. By setting expiration dates, you enforce a lifecycle for secrets, ensuring they are rotated and cannot be used beyond an approved timeframe.
What Aether365 Checks
Aether365 verifies that every secret in an RBAC-enabled Azure Key Vault has an expiration date set. This check appears in the Aether365 dashboard under azure-azure-keyvault checks and alerts you to any secrets that lack this essential attribute.