💼 [IAM.3] IAM users' access keys should be rotated every 90 days or less

ID: /frameworks/aws-fsbp-v1.0.0/iam/03

Description

Access keys consist of an access key ID and a secret access key. They are used to sign programmatic requests that you make to AWS. Users need their own access keys to make programmatic calls to AWS from the AWS CLI, Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the API operations for individual AWS services.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/iam-controls.html#iam-3
Internal
- ID: dec-c-89c3d4a6

Similar Sections (Give Policies To)

Section	Internal Rules	Policies	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(1) Account Management _ Automated System Account Management	4	18	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(3) Account Management _ Disable Accounts	1	4	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control		13	no data
💼 PCI DSS v4.0.1 → 💼 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.		3	no data
💼 PCI DSS v4.0.1 → 💼 8.6.3 Passwords/passphrases for any application and system accounts are protected against misuse.		2	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM User Access Keys are not rotated every 90 days or less🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-bcb0c78f	1

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Internal Rules​