chore: Fulfill checkov checks

mkilchhofer · mkilchhofer · commit 70121785da3e · 2023-01-24T10:25:11.000+01:00
diff --git a/.checkov_config.yaml b/.checkov_config.yaml
@@ -11,6 +11,7 @@ quiet: true
 secrets-scan-file-type: []
 skip-check:
   - CKV_GHA_3
+  - CKV_AZURE_112
   - CKV_AZURE_168
   - CKV_AZURE_170
 skip-framework:
diff --git a/examples/named_cluster/kms.tf b/examples/named_cluster/kms.tf
@@ -7,10 +7,11 @@ resource "azurerm_key_vault_key" "kms" {
     "verify",
     "wrapKey",
   ]
-  key_type     = "RSA"
-  key_vault_id = azurerm_key_vault.des_vault.id
-  name         = "etcd-encryption"
-  key_size     = 2048
+  key_type        = "RSA"
+  key_vault_id    = azurerm_key_vault.des_vault.id
+  name            = "etcd-encryption"
+  expiration_date = timeadd("${formatdate("YYYY-MM-DD", timestamp())}T00:00:00Z", "168h")
+  key_size        = 2048
 
   depends_on = [
     azurerm_key_vault_access_policy.current_user
