- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
This control verifies whether an AWS Secrets Manager secret is rotated at least once within 90 days. The control will fail if the secret is not rotated within this period. This control does not apply to secrets created within the last 90 days.
Regularly rotating secrets helps reduce the risk of unauthorized access to sensitive information, such as database credentials, passwords, third-party API keys, or other confidential data. The longer a secret remains unchanged, the higher the risk of it being compromised.
As the number of users with access to a secret increases, so does the likelihood of accidental exposure to unauthorized parties, through means such as logs, cache data, or shared debugging processes. For these reasons, frequent rotation of secrets is essential.
For guidance on rotating secrets, please refer to the Rotating your AWS Secrets Manager secrets section in the AWS Secrets Manager User Guide.