KMS master encryption keys should be rotated at least annually

oracle-cloud-infrastructure

Description

Customer master encryption keys in Oracle Cloud Infrastructure Vault should be rotated at least annually to limit the amount of data encrypted by one key version and reduce cryptographic risk.

Remediation

Configure automatic key rotation or manually rotate customer master keys annually. For guidance on key rotation, refer to the Key Rotation section in the Oracle Cloud Infrastructure Documentation.