Ensure that storage account access keys are periodically regenerated
Why This Matters
Storage account access keys grant full, unrestricted access to all data within the account. If a key is inadvertently exposed through a misconfigured application or a compromised service, an attacker can read, modify, or delete storage blobs, queues, tables, or files. Regenerating these keys on a regular schedule limits the window of exposure and forces any leaked keys to become useless over time.
What Aether365 Checks
Aether365 verifies that storage account access keys are regenerated at an interval aligned with your organization's security policy. This check appears in the Aether365 dashboard under the azure-storage-accounts section.