access-keys-rotated

Checks whether the active access keys are rotated within the number of days specified in maxAccessKeyAge. The rule is NON_COMPLIANT if the access keys have not been rotated for more than maxAccessKeyAge number of days.

Note

Re-evaluating this rule within 4 hours of the first evaluation will have no effect on the results.

Identifier: ACCESS_KEYS_ROTATED

Trigger type: Periodic

AWS Region: All supported AWS Regions except Africa (Cape Town) and Europe (Milan)

Parameters:

maxAccessKeyAge: Maximum number of days within which the access keys must be rotated. The default value is 90 days.

AWS CloudFormation template

To create AWS Config managed rules with AWS CloudFormation templates, see Creating AWS Config Managed Rules With AWS CloudFormation Templates.

Warning Javascript is disabled or is unavailable in your browser.

To use the AWS Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

iam-customer-policy-blocked-kms-actions

account-part-of-organizations