
Azure Policy for Key Vault now supports keys, secrets, and certificates

Published date: October 21, 2020

Azure Policy is a governance tool that lets users audit and manage their Azure environment at scale. Azure Policy for Key Vault helps you audit the secrets, keys, and certificates stored in your key vault to make sure they meet the compliance requirements you set. Any secret, key, or certificate that does not meet the requirements appears as non-compliant on your policy compliance dashboard. You can quickly find the specific key vault object and the key vault in which it exists. You can set deny policies to prevent users from creating or importing key vault objects that do not comply with your policy. You can also group several policies into an initiative and send compliance results to Azure Security Center.

Key Benefits: 

  • Apply policy to a scope that covers your entire service for seamless centralized compliance. 
  • Audit properties such as expiration dates, maximum validity period, minimum key size, and many more.
  • Easily find keys, secrets, and certificates that are non-compliant, even if they are spread out across multiple subscriptions, resource groups, and key vaults.
  • Deny the creation or import of keys, secrets, and certificates that don't meet your security standards.
  • Group policies into an initiative and publish results in Azure Security Center. 

Learn more about Azure Policy.

Learn more about Azure Policy for Key Vault.
