Authentication

Access Keys Rotation (90 days)

Platform(s)
Compliance Frameworks
  • AWS CIS
  • ,
  • AWS Foundational Security Best Practices Controls
  • ,
  • Brazilian General Data Protection (LGPD)
  • ,
  • CCM-CSA
  • ,
  • CCPA
  • ,
  • cis_8
  • ,
  • CPRA
  • ,
  • Data Security Posture Management (DSPM) Best Practices
  • ,
  • GDPR
  • ,
  • HITRUST
  • ,
  • iso_27001_2022
  • ,
  • iso_27002_2022
  • ,
  • mpa
  • ,
  • New Zealand Information Security Manual
  • ,
  • NIST 800-171
  • ,
  • NIST 800-53
  • ,
  • Orca Best Practices
  • ,
  • PDPA
  • ,
  • UK Cyber Essentials

Description

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the APIs for individual AWS services. It was detected that AWS user {AwsUser.Name} has an access key that was not rotated in the last 90 days. It is advised that all access keys be regularly rotated to ensure that data cannot be accessed with an old key which might have been lost, cracked, or stolen. Rotating access keys will reduce the window of opportunity for an access key that is associated with a compromised or terminated account to be used.