CSMS Secrets Have Enabled Automatic Rotation
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
csms-secrets-auto-rotation-enabled |
|
Identifier |
csms-secrets-auto-rotation-enabled |
|
Description |
If a CSMS does not have automatic rotation enabled, this secret is noncompliant. |
|
Tag |
csms |
|
Trigger Type |
Configuration change |
|
Filter Type |
csms.secrets |
|
Configure Rule Parameters |
None |
Applicable Scenario
Secret rotation enables you to periodically rotate your secret, so that even if your secret is leaked, unauthorized users can only use your secret during the non-rotated period. You are advised to configure a proper rotation interval for your secrets.
Solution
You can enable automatic secret rotation and configure a proper rotation policy and interval.
Rule Logic
- If a CSMS secret does not have automatic rotation enabled, this secret is noncompliant.
- If a CSMS secret has automatic rotation enabled, this secret is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
