Medium SecretsManager Regional

Remove unused Secrets Manager secrets

NIST

Description

This control checks whether your secrets have been accessed within a specified number of days. The default value is 90 days. If a secret was not accessed within the defined number of days, this control fails.


Remediation

To delete inactive Secrets Manager secrets, see Delete an AWS Secrets Manager secret in the AWS Secrets Manager User Guide.

Steps

  1. Go to the AWS Secrets Manager console.
  2. Identify secrets that have not been accessed within the specified period.
  3. Delete the unused secrets.
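
The identification step above can be scripted. The following is an added example, not code from the AWS documentation: it filters ListSecrets metadata by LastAccessedDate against the 90-day default. The function names and sample secrets are hypothetical, and aging a never-retrieved secret from its CreatedDate is an assumption of this example.

```python
from datetime import datetime, timezone

def find_unused_secrets(secret_list, now, max_days=90):
    """Return (name, idle_days) for secrets idle for more than max_days.

    Entries have the shape of the SecretList items returned by ListSecrets.
    """
    unused = []
    for s in secret_list:
        # LastAccessedDate is omitted for a secret that was never retrieved.
        # Assumption of this example: age such secrets from CreatedDate.
        ref = s.get("LastAccessedDate") or s["CreatedDate"]
        idle = (now - ref).days
        if idle > max_days:
            unused.append((s["Name"], idle))
    return sorted(unused, key=lambda t: t[1], reverse=True)

def list_all_secrets(region):
    """Fetch every secret's metadata in one Region (needs boto3 and credentials)."""
    import boto3  # imported lazily so the filter above runs offline
    client = boto3.client("secretsmanager", region_name=region)
    pages = client.get_paginator("list_secrets").paginate()
    return [s for page in pages for s in page["SecretList"]]

def schedule_deletion(region, secret_id, recovery_days=30):
    """Schedule deletion; the secret can be restored until the window ends."""
    import boto3
    client = boto3.client("secretsmanager", region_name=region)
    return client.delete_secret(SecretId=secret_id,
                                RecoveryWindowInDays=recovery_days)

# Constructed sample data, not real secrets.
UTC = timezone.utc
NOW = datetime(2024, 6, 1, tzinfo=UTC)
SAMPLE = [
    {"Name": "example/db-password", "CreatedDate": datetime(2023, 1, 10, tzinfo=UTC),
     "LastAccessedDate": datetime(2024, 5, 20, tzinfo=UTC)},
    {"Name": "example/old-api-key", "CreatedDate": datetime(2022, 3, 1, tzinfo=UTC),
     "LastAccessedDate": datetime(2023, 11, 15, tzinfo=UTC)},
    {"Name": "example/never-read", "CreatedDate": datetime(2024, 1, 2, tzinfo=UTC)},
    {"Name": "example/new-unread", "CreatedDate": datetime(2024, 5, 1, tzinfo=UTC)},
]

if __name__ == "__main__":
    for name, idle in find_unused_secrets(SAMPLE, NOW):
        print(f"{name}: idle {idle} days")
```

Against a live account, pass list_all_secrets(region) and datetime.now(timezone.utc) to find_unused_secrets, and review the result before calling schedule_deletion. The control is Regional, so repeat the check in each Region that holds secrets.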

Compliance

NIST