Access Keys Rotation (90 days)

Authentication

Access Keys Rotation (90 days)

Platform(s)

Compliance Frameworks

AWS CIS
AWS Foundational Security Best Practices Controls
Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
GDPR
HITRUST
iso_27001_2022
iso_27002_2022
mpa
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the APIs for individual AWS services. It was detected that AWS user {AwsUser.Name} has an access key that was not rotated in the last 90 days. It is advised that all access keys be regularly rotated to ensure that data cannot be accessed with an old key which might have been lost, cracked, or stolen. Rotating access keys will reduce the window of opportunity for an access key that is associated with a compromised or terminated account to be used.

Access Keys Rotation (90 days)

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS