Skip to content

Latest commit

 

History

History
25 lines (21 loc) · 2.02 KB

File metadata and controls

25 lines (21 loc) · 2.02 KB

CloudSploit

GOOGLE / Cryptographic Keys / Key Rotation

Quick Info

Plugin Title Key Rotation
Cloud GOOGLE
Category Cryptographic Keys
Description Ensures cryptographic keys are set to rotate on a regular schedule
More Info All cryptographic keys should have key rotation enabled. Google will handle the rotation of the encryption key itself, as well as storage of previous keys, so previous data does not need to be re-encrypted before the rotation occurs.
GOOGLE Link https://cloud.google.com/vpc/docs/using-cryptoKeys
Recommended Action Ensure that cryptographic keys are set to rotate.

Detailed Remediation Steps

  1. Log into the Google Cloud Platform Console.
  2. Scroll down the left navigation panel and select the "Cryptographic keys" option under the "Security."
  3. On the "Cryptographic keys" page, select the "Name" as a link option to access the key.
  4. On the "Cryptographic keys- Edit" page, check whether the cryptographic keys are set to rotate on a regular schedule or not.
  5. Repeat steps number 2 - 4 to check the other cryptographic keys in the account.
  6. Navigate to the "Security" on the left navigation panel, select the "Cryptographic keys" option and select the cryptographic key in the question.
  7. Click on the 3 dots at the extreme right to choose the "Edit rotation period" option to change the rotation period to 90 days and click on the "Save" button to make the changes.
  8. Repeat steps number 6 - 7 to ensure that cryptographic keys are set to rotate.