Skip to main content

πŸ’Ό [SecretsManager.2] Secrets Manager secrets configured with automatic rotation should rotate successfully

  • Contextual name: πŸ’Ό [SecretsManager.2] Secrets Manager secrets configured with automatic rotation should rotate successfully

  • ID: /frameworks/aws-fsbp-v1.0.0/secrets-manager/02

  • Located in: πŸ’Ό Secrets Manager

Description​

Secrets Manager helps you improve the security posture of your organization. Secrets include database credentials, passwords, and third-party API keys. You can use Secrets Manager to store secrets centrally, encrypt secrets automatically, control access to secrets, and rotate secrets safely and automatically.

Secrets Manager can rotate secrets. You can use rotation to replace long-term secrets with short-term ones. Rotating your secrets limits how long an unauthorized user can use a compromised secret. For this reason, you should rotate your secrets frequently.

In addition to configuring secrets to rotate automatically, you should ensure that those secrets rotate successfully based on the rotation schedule.

Similar​

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AC-2(1) Account Management _ Automated System Account Management416
πŸ’Ό NIST SP 800-53 Revision 5 β†’ πŸ’Ό AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control10
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 8.3.9 If passwords/passphrases are used as the only authentication factor for user access then either passwords/passphrases are changed at least once every 90 days, or the security posture of accounts is dynamically analyzed.1
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 8.6.3 Passwords/passphrases for any application and system accounts are protected against misuse.1

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags