GCP Key Management
Overview
Critical
1High
0Medium
0Low
1Informational
0Security issues (2)
| Severity | Non-Compliance | Region | Resource | Issue | Remediation | Read more | Action |
|---|---|---|---|---|---|---|---|
| Critical | CIS 1.10 PCI DSS 3.7.4 HIPAA (Encryption) | global | my-keyring3-name | KMS cryptographic key has no rotation period set. | To fulfill HIPAA and PCI DSS key rotation requirements, ensure all cryptographic keys are set to rotate periodically. | More info | |
| Low | — | global | my-key-2 | KMS cryptographic key has inadequate protection level: Protection level unspecified. | Ensure the protection level for cryptographic keys is set to Software (Customer-managed encryption key, or CMEK), Hardware Security Module (HSM), or External key manager. | More info |
Key rings (3)
| Name | Location | Keys | Created | Security issues |
|---|---|---|---|---|
| my-key-ring | global | my-key | — | |
| my-keyring3 | us | my-key5, my-keyring3-name | — | |
| my-key-ring2 | southamerica-west1 | my-key-2 | — |
Key inventory (4)
| Name | Key ring | Location | Created | Next rotation | Status | Protection level | Security issues |
|---|---|---|---|---|---|---|---|
| my-key | my-key-ring | global | Enabled | Software | — | ||
| my-key5 | my-keyring3 | us | Enabled | Software | — | ||
| my-keyring3-name | my-keyring3 | us | Enabled | Software | 1 Critical (details) | ||
| my-key-2 | my-key-ring2 | southamerica-west1 | Enabled | Protection level unspecified | 1 Low (details) |
API keys (0)
| Name | Created | Restrictions | Security issues |
|---|