
Ensure KMS symmetric key is rotated.

Description

This policy checks whether a Yandex KMS symmetric key has a rotation period configured. Key rotation is an essential practice for protecting encrypted data because it reduces the impact of a compromised key: rotating keys regularly minimizes the damage a security breach can cause. Set a rotation period so that the key is updated periodically.

Code Example

```terraform
resource "yandex_kms_symmetric_key" "example" {
  rotation_period = "8760h" // rotate every 1 year
}
```

Remediation

Set a rotation period for the KMS symmetric key to ensure it is rotated regularly.

Rule Details

| Field | Value |
| --- | --- |
| ID | IAC-1342 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | yandex_kms_symmetric_key |
| Checkov ID | CKV_YC_9 |
