What is the purpose of the 'rotate keys' option in OCI?

Created On 05/27/21 22:21 PM - Last Modified 04/07/25 18:00 PM


Question


Q. What is the purpose of the 'rotate keys' option in OCI?

Environment


  • Prisma Cloud
  • Version: 21.5.2


Answer


When you check the 'rotate keys' option, Prisma Cloud generates a new key pair (private and public) and puts the public key into the Terraform file to push to OCI.



Additional Information


When you initially onboard an OCI account, Prisma Cloud generates a user, 'Prisma Cloud', with API keys (private and public) for OCI and saves the private key in the backend. The Prisma Cloud user uses the API key to ingest the data. However, after 90 days, the Prisma Cloud user will be alerted by the default policy "OCI users customer secret keys have aged more than 90 days without being rotated", if that policy is enabled.

When you check the 'rotate keys' option, the API keys (private and public) are refreshed, the new private key is stored in the backend, and the alert triggered by the policy is resolved.

** If you have multiple accounts in OCI, you need to run the script once per account to update the API keys.
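
An added example, not Prisma Cloud's or this article's own code: one way to see which API keys have passed the 90-day mark the policy checks for, across several OCI accounts. The per-account JSON shape and the field names `time-created`, `fingerprint` and `lifecycle-state` are assumptions modeled on an OCI API-key listing, and the sample data is constructed.

```python
import json
from datetime import datetime, timedelta, timezone

MAX_AGE = timedelta(days=90)  # threshold named by the policy on this page

# Constructed sample: one key listing per OCI account (field names are assumptions).
SAMPLE = json.loads("""
{
  "account-a": [
    {"fingerprint": "aa:aa:aa:aa", "lifecycle-state": "ACTIVE",
     "time-created": "2021-01-10T08:00:00.000000+00:00"},
    {"fingerprint": "bb:bb:bb:bb", "lifecycle-state": "ACTIVE",
     "time-created": "2021-05-01T08:00:00.000000+00:00"}
  ],
  "account-b": [
    {"fingerprint": "cc:cc:cc:cc", "lifecycle-state": "INACTIVE",
     "time-created": "2020-11-01T08:00:00.000000+00:00"},
    {"fingerprint": "dd:dd:dd:dd", "lifecycle-state": "ACTIVE",
     "time-created": "2021-02-26T22:21:00Z"}
  ]
}
""")

def parse_time(value):
    """Parse an RFC 3339 timestamp; naive values are treated as UTC."""
    parsed = datetime.fromisoformat(value.replace("Z", "+00:00"))
    return parsed if parsed.tzinfo else parsed.replace(tzinfo=timezone.utc)

def keys_needing_rotation(accounts, now, max_age=MAX_AGE):
    """Return (account, fingerprint, age_in_days) for active keys older than max_age."""
    findings = []
    for account, keys in sorted(accounts.items()):
        for key in keys:
            if key.get("lifecycle-state") != "ACTIVE":
                continue  # only keys still marked active are reported
            age = now - parse_time(key["time-created"])
            if age > max_age:  # exactly 90 days is not yet "more than 90 days"
                findings.append((account, key["fingerprint"], age.days))
    return findings

if __name__ == "__main__":
    now = datetime(2021, 5, 27, 22, 21, tzinfo=timezone.utc)  # fixed for repeatability
    for account, fingerprint, days in keys_needing_rotation(SAMPLE, now):
        print(f"{account}: key {fingerprint} is {days} days old, rotate it")
```

Each account that appears in the result is one where the rotation has to be run, in line with the per-account note above.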

