Secrets Manager secrets should have automatic rotation enabled

Description

This control verifies whether secrets stored in AWS Secrets Manager are set up for automatic rotation. The control will fail if the secret is not configured to rotate automatically.

AWS Secrets Manager enhances the security of your organization by allowing you to centrally store, automatically encrypt, and control access to sensitive information such as database credentials, passwords, and third-party API keys. Additionally, Secrets Manager supports automatic rotation of secrets, which helps replace long-term secrets with short-term ones, reducing the risk associated with compromised secrets. Regular rotation of secrets is recommended to minimize the potential impact of unauthorized access. For more details on rotating secrets, refer to the AWS Secrets Manager User Guide.
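The check described above can be reproduced offline against entries shaped like the `SecretList` items that the Secrets Manager `ListSecrets` API returns. This is an added example, not the control's own implementation: the function names and sample secrets are constructed, and skipping secrets that are scheduled for deletion is an assumption of this example.

```python
from typing import Iterable

# Constructed sample shaped like ListSecrets "SecretList" entries (not real secrets).
SAMPLE_SECRETS = [
    {"Name": "prod/db/password", "RotationEnabled": True,
     "RotationRules": {"AutomaticallyAfterDays": 30}},
    {"Name": "prod/api/key"},  # rotation never configured: key is absent
    {"Name": "staging/db/password", "RotationEnabled": False,
     "RotationLambdaARN": "arn:aws:lambda:us-east-1:111122223333:function:example"},
    {"Name": "old/key", "DeletedDate": "2024-01-01T00:00:00Z"},
]


def evaluate_rotation(secret_list: Iterable[dict]) -> list[dict]:
    """Return one finding per in-scope secret with status 'pass' or 'fail'."""
    findings = []
    for entry in secret_list:
        # Assumption of this example: secrets scheduled for deletion are out of scope.
        if "DeletedDate" in entry:
            continue
        name = entry["Name"]
        # RotationEnabled can be absent for a secret that never had rotation
        # set up, so anything other than an explicit True fails the check.
        if entry.get("RotationEnabled") is True:
            rules = entry.get("RotationRules", {})
            schedule = rules.get("ScheduleExpression") or (
                f"every {rules.get('AutomaticallyAfterDays', '?')} days")
            findings.append({"name": name, "status": "pass",
                             "reason": f"rotates {schedule}"})
        elif "RotationEnabled" in entry:
            findings.append({"name": name, "status": "fail",
                             "reason": "rotation configured but disabled"})
        else:
            findings.append({"name": name, "status": "fail",
                             "reason": "rotation never configured"})
    return findings


def failing_secrets(findings: list[dict]) -> list[str]:
    """Names of secrets that fail the control, sorted for stable reporting."""
    return sorted(f["name"] for f in findings if f["status"] == "fail")


if __name__ == "__main__":
    for finding in evaluate_rotation(SAMPLE_SECRETS):
        print(f"{finding['status'].upper():4} {finding['name']}: {finding['reason']}")
```
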

Remediation

For guidance on enabling automatic rotation for secrets, please refer to the Rotating your AWS Secrets Manager secrets section in the AWS Secrets Manager User Guide.