Authentication

Service account key was not rotated in over 90 days

Risk Level

Informational (4)

Platform(s)

Description

Rotating Service Account keys will reduce the window of opportunity for an access key that is associated with a compromised or terminated account to be used. Service Account keys should be rotated to ensure that data cannot be accessed with an old key that might have been lost, cracked, or stolen.
  • Recommended Mitigation

    Delete any external (user-managed) Service Account Key older than 90 days