1 hour 5 minutes
Azure Policy has built-in policies that manage keys and certificates in Azure Key Vault.
Let's look at what those are.
Here is the list of the available policy definitions for Azure Key Vault.
The first one you can leverage to manage the certificate validity period of certificates stored in Key Vault.
You would like to restrict how long a certificate is valid to avoid issuing long-lived certificates that can compromise security.
The next built-in policy relates to the key types that are allowed.
You would like to use stronger key generation algorithms like RSA and ECC and, if possible, be backed up by a hardware security module.
Managing certificate lifetime action triggers allows you to limit the actions allowed on a certificate
based on the time remaining to expiration.
Managing certificates issued by an integrated CA, or certificate authority, allows you to specify what integrated certificate authorities can be used to issue the certificate.
This policy also allows you to restrict the issuance of self-signed certificates.
There are also policies that allow you to manage the curve names used by issuing elliptical curve cryptography certificates.
You can also have a policy that specifies the minimum key length for RSA certificates.
And last but not least, you can monitor certificates that are approaching expiration.
This will help you prioritize the certificates that need to be renewed.
We can look later on how these policies are reported in the Azure portal.