Policies

Define and manage governance policies

📋

Policy Enforcement

Policies are automatically enforced across all teams and keys. Violations will trigger alerts and block operations until resolved.

Key Rotation Policy

ActiveRotation

Enforce automatic key rotation every 90 days

Policy Rules

  • Rotate keys every 90 days
  • Notify team 7 days before rotation
  • Require quorum approval for rotation

Applied To

EngineeringFinanceSecurity

Access Control Policy

ActiveAccess

Minimum quorum requirements for key operations

Policy Rules

  • Minimum 3 approvers for production keys
  • Minimum 2 approvers for staging keys
  • Approval must include at least one admin

Applied To

All Teams

Compliance Audit Policy

ActiveCompliance

Comprehensive audit logging and retention

Policy Rules

  • Log all key access and operations
  • Retain logs for 2 years
  • Generate monthly compliance reports
  • Alert on policy violations

Applied To

All Teams