Cloud KMS key rotation period: what should the standard duration be, and why?

Hello dear Community members,

Can you help me to understand the Cloud KMS key rotation period. What should the standard key rotation period be, and why? By default GCP has a 1.15 days rotation; what should our approach be for the customer data domain?

Regards, Sagar Vyas

Hello @sagarvyas,

As per this documentation: Automatic key rotation at a defined period, such as every 90 days, increases security with minimal administrative complexity.

For symmetric encryption, periodically and automatically rotating keys is a recommended security practice. Some industry standards, such as Payment Card Industry Data Security Standard (PCI DSS), require the regular rotation of keys.

Cloud Key Management Service does not support automatic rotation of asymmetric keys. See Considerations for asymmetric keys below.

Rotating keys provides several benefits:

  • Limiting the number of messages encrypted with the same key version helps prevent attacks enabled by cryptanalysis. Key lifetime recommendations depend on the key's algorithm, as well as either the number of messages produced or the total number of bytes encrypted with the same key version. For example, the recommended key lifetime for symmetric encryption keys in Galois/Counter Mode (GCM) is based on the number of messages encrypted, as noted at https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf.

  • In the event that a key is compromised, regular rotation limits the number of actual messages vulnerable to compromise.

    If you suspect that a key version is compromised, disable it and revoke access to it as soon as possible.

  • Regular key rotation ensures that your system is resilient to manual rotation, whether due to a security breach or the need to migrate your application to a stronger cryptographic algorithm. Validate your key rotation procedures before a real-life security incident occurs.

You can also manually rotate a key, either because it is compromised, or to modify your application to use a different algorithm.
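As an added example (not code from the thread or from Google's documentation), here are the gcloud commands that put a 90-day schedule on a symmetric Cloud KMS key, disable a key version you suspect is compromised, and audit a key ring for symmetric keys that have no schedule or rotate less often than policy allows. The project, key ring and key names are placeholders, the 90-day maximum is an assumed policy, and the sample listing at the end is constructed to stand in for real gcloud output so the audit can run offline.

```shell
#!/bin/sh
# Added example, not code from the thread above. Assumes gcloud is installed and
# authenticated; project, key ring and key names are placeholders. The audit
# policy (90 days) and the sample listing are constructed for illustration.

# Create a symmetric key that Cloud KMS rotates automatically every 90 days.
# The API requires next_rotation_time whenever rotation_period is set, so the
# first rotation timestamp (RFC 3339, e.g. 2025-01-01T00:00:00Z) is passed in.
create_rotating_key() {   # key location keyring next_rotation_time
  gcloud kms keys create "$1" --location "$2" --keyring "$3" \
    --purpose encryption \
    --rotation-period 90d --next-rotation-time "$4"
}

# Tighten the schedule on an existing key without re-creating it.
set_rotation() {          # key location keyring period next_rotation_time
  gcloud kms keys update "$1" --location "$2" --keyring "$3" \
    --rotation-period "$4" --next-rotation-time "$5"
}

# Suspected compromise: disable the version so it can no longer encrypt or decrypt.
disable_version() {       # key version location keyring
  gcloud kms keys versions disable "$2" --key "$1" --location "$3" --keyring "$4"
}

# One line per key: resource-name<TAB>purpose<TAB>rotationPeriod (e.g. 7776000s).
# gcloud's value() format separates fields with tabs.
list_keys() {             # location keyring
  gcloud kms keys list --location "$1" --keyring "$2" \
    --format 'value(name,purpose,rotationPeriod)'
}

# Read list_keys output on stdin and report symmetric keys that either have no
# rotation schedule or rotate less often than the policy allows ($1 = max days).
# Asymmetric keys are skipped: Cloud KMS does not rotate them automatically.
audit_rotation() {
  max_secs=$(( $1 * 86400 ))
  awk -F'\t' -v max="$max_secs" '
    $2 != "ENCRYPT_DECRYPT" { next }
    $3 == ""                { print "NO_ROTATION " $1; next }
    { secs = $3; sub(/s$/, "", secs) }
    secs + 0 > max          { print "TOO_LONG " $1 " (" secs / 86400 " days)" }
  '
}

# Constructed stand-in for `list_keys global kr` so the audit runs offline.
sample_keys() {
  printf '%s\t%s\t%s\n' \
    projects/p/locations/global/keyRings/kr/cryptoKeys/app-data ENCRYPT_DECRYPT 7776000s \
    projects/p/locations/global/keyRings/kr/cryptoKeys/archive  ENCRYPT_DECRYPT 31536000s \
    projects/p/locations/global/keyRings/kr/cryptoKeys/legacy   ENCRYPT_DECRYPT '' \
    projects/p/locations/global/keyRings/kr/cryptoKeys/signing  ASYMMETRIC_SIGN ''
}

# Against a real project replace sample_keys with: list_keys global kr
sample_keys | audit_rotation 90
```

Run as-is, the audit flags the archive key (365-day period) and the legacy key (no schedule), passes the 90-day key, and ignores the signing key because automatic rotation does not apply to asymmetric keys. Keys it flags are candidates for set_rotation; a version you believe is compromised goes through disable_version first, and the rotation schedule is only the long-term control.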