Ensure that all your Cloud Conformity API keys are rotated every 30 days in order to decrease the likelihood of accidental exposure. An API key is a secure 64-bit strong key, randomly generated by Cloud Conformity engine on your behalf and utilized for operations such as registering new AWS accounts, collecting necessary checks, etc.
Rotating API credentials periodically will significantly reduce the chances that a compromised set of keys can be used without your knowledge to access certain components and features within your Cloud Conformity account. Note: You can have up to two API keys for your Cloud Conformity account at a time, which is useful when you want to rotate your API keys.
To determine if your Cloud Conformity account has any outdated (> 30 days) API keys in use, perform the following:
To rotate (renew) your outdated Cloud Conformity API keys, perform the following actions:Note: Renewing Cloud Conformity API keys using the CLI is disabled for security reasons. The operation can be implemented only using the Cloud Conformity dashboard.