Context: Cipher encryption utilizes key values that are internal to each Cipher Channel. As far as the documentation is concerned, there seems to be no notion of these internal keys ever changing/rotating.
Problem: While the encryption keys are not readily accessible from the Cipher Channel configuration, reducing likelihood of a key being obtained by a bad actor, key rotation is still necessary. Compliances such as GDPR greatly recommend highly-sensitive data encryption be rotated every 90 days.
At the moment, rotating an encryption would require creating a brand new Cipher Channel, applying the new channel to all encryption locations, and then re-assigning operational user decryption licenses. This process is not ideal.
Request: Allow a configurable option to have a Channel’s internal encryption keys to be rotated on an automated schedule. If there is an internal Cipher Channel functionality that already addresses this (auto rotation), then update Cipher documentation with details.