OCI-016 Oracle Cloud Infrastructure (OCI)

Vault keys have rotation configured.

Vault keys have rotation configured.

Domain
Oracle Cloud Infrastructure (OCI)
Area
Key Management
Automated / manual
Manual

Risk if it fails

Long-lived keys widen impact of compromise.

If an encryption key is ever exposed and never rotated, an attacker can keep decrypting data indefinitely; rotation limits what one stolen key unlocks.

How Tess tests it

1 test — each concludes only on cited evidence.

Vault keys have rotation configured.

Manual
Procedure
Review keys and confirm rotation/management practice.

Read-only command 

oci kms management key list --compartment-id <compartment-ocid> --endpoint <vault-mgmt-endpoint> (then review rotation)

More in Oracle Cloud Infrastructure (OCI)

OCI-001 MFA is enforced for all IAM users, especially administrators. OCI-002 Customer secret keys / API keys are rotated regularly (<=90 days). OCI-003 A strong password policy is configured. OCI-004 Membership of the Administrators group is minimal.

Want Tess to test OCI-016 against your evidence?

Book a demo