Ensure that the rotation interval for your AWS Secrets Manager secrets is configured to meet security and compliance requirements. Before the Cloud Conformity engine runs this rule, the rotation interval (in days) must be configured in the rule settings, on your Cloud Conformity account dashboard. The Amazon Secrets Manager rotation feature is the automatic process that periodically changes your secret information to make it more difficult for attackers to access the services and resources secured with these secrets.
This rule can help you with the following compliance standards:
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS.
By configuring your Amazon Secrets Manager secrets to use the right number of days between secrets rotation (also known as rotation interval), you fulfill the security and compliance requirements defined by your organization.
Note: This rule assumes that the automatic rotation feature is already enabled for your AWS Secrets Manager secrets. If automatic rotation is not currently enabled, follow the steps outlined in this conformity rule to enable the feature.
To determine whether the automatic rotation interval is configured correctly for your Amazon Secrets Manager secrets, perform the following actions:
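One way to run this check offline over AWS CLI output, as an added example that is not Cloud Conformity's own procedure: it reads JSON shaped like the output of `aws secretsmanager list-secrets` and compares each secret's `RotationRules.AutomaticallyAfterDays` with the interval from the rule settings. The sample secrets and the 90-day threshold are constructed, and treating the configured interval as a maximum is an assumption.

```python
import json

# Constructed sample shaped like `aws secretsmanager list-secrets` output.
SAMPLE_LIST_SECRETS = json.loads("""
{"SecretList": [
  {"Name": "prod/db/password", "RotationEnabled": true,
   "RotationRules": {"AutomaticallyAfterDays": 30}},
  {"Name": "legacy/api-key", "RotationEnabled": true,
   "RotationRules": {"AutomaticallyAfterDays": 365}},
  {"Name": "batch/service-token", "RotationEnabled": true,
   "RotationRules": {"ScheduleExpression": "cron(0 8 1 * ? *)"}},
  {"Name": "dev/scratch", "RotationEnabled": false}
]}
""")


def audit_rotation_interval(list_secrets_output, max_days):
    """Classify each secret against max_days (assumed: the rule-settings value, as a maximum)."""
    findings = []
    for secret in list_secrets_output.get("SecretList", []):
        name = secret.get("Name", "<unnamed>")
        rules = secret.get("RotationRules") or {}
        days = rules.get("AutomaticallyAfterDays")
        if not secret.get("RotationEnabled", False):
            # Out of scope for the interval rule: rotation must be enabled first.
            status = "ROTATION_DISABLED"
        elif days is None:
            # Rotation is driven by a schedule expression; the day count
            # cannot be read directly, so flag it for manual review.
            status = "NEEDS_REVIEW"
        elif days > max_days:
            status = "INTERVAL_TOO_LONG"
        else:
            status = "COMPLIANT"
        findings.append((name, status))
    return findings


if __name__ == "__main__":
    for name, status in audit_rotation_interval(SAMPLE_LIST_SECRETS, max_days=90):
        print(f"{status:18} {name}")
```

Against a live account, feed the function the parsed output of `aws secretsmanager list-secrets --region <region> --output json` instead of the sample.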
To configure the automatic rotation interval for your Amazon Secrets Manager secrets in order to meet the security and compliance requirements defined within your organization, perform the following actions: