Skip Navigation

Azure Policy for Key Vault now supports keys, secrets and certificates

Published date: 21 October, 2020

Azure Policy is a governance tool that gives users the ability to audit and manage their Azure environment at scale. Azure Policy for Key Vault helps you audit secrets, keys and certificates stored in your key vault to make sure they meet compliance requirements you set. Any secret, key or certificate that does not meet the requirements will appear as non-compliant on your policy compliance dashboard. You will be able to find the specific key vault object and the key vault in which it exists quickly. You have the ability to set deny policies to prevent users from creating or importing key vault objects that are not compliant with your policy. You can also group several policies together into an initiative and send compliance results to Azure Security Center. 

Key Benefits: 

  • Apply policy to a scope that covers your entire service for seamless centralised compliance. 
  • Audit properties such as expiry dates, maximum validity period, minimum key size and many more.
  • Easily find keys, secrets and certificates that are non compliant, even if they are spread out across multiple subscriptions, resource-groups and key vaults.
  • Deny the creation or import of keys, secrets and certificates that do not meet your security standards.
  • Group policies into an initiative and publish results in Azure Security Center. 

Learn more about Azure Policy.

Learn more about Azure Policy for Key Vault.

  • Key Vault
  • Azure Policy
  • Security Center
  • Compliance
  • Features
  • Security