Medium IAM

IAM users' access keys should be rotated every 90 days or less

PCI DSS, CIS, NIST, ISO 27001, HIPAA

Description

Checks whether the access keys for your IAM users have been rotated within the last 90 days.


Remediation

To ensure IAM users' access keys are rotated every 90 days or less, follow these steps:

Steps

  1. Log into the AWS Management Console with an account that has administrative privileges.
  2. Navigate to the IAM dashboard and select 'Users' from the navigation pane.
  3. For each IAM user, click on the user name to view their security credentials.
  4. In the 'Access keys' section, review the 'Created' date for each access key. Identify any keys that are older than 90 days.
  5. Inform the IAM user about the need to rotate their access key and coordinate a time to perform the rotation.
  6. Create a new access key for the user by clicking 'Create access key'.
  7. Provide the new access key to the user and ensure they update their applications or services with the new key.
  8. After confirming that the new access key is functioning correctly, deactivate the old access key by clicking 'Make inactive', and then delete it.

Compliance

PCI DSS, CIS, NIST, ISO 27001, HIPAA