Control: AWS > CIS v1.4 > 1 - Identity and Access Management > 1.14 - Ensure access keys are rotated every 90 days or less (Automated)

Configures auditing against a CIS Benchmark item.

Level: 1 (Scored)

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the APIs for individual AWS services. It is recommended that all access keys be regularly rotated.

Resource Types

This control targets the following resource types:

AWS > IAM > Credential Report

Primary Policies

The following policies can be used to configure this control:

1.14 - Ensure access keys are rotated every 90 days or less (Automated)

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-cisv1-4#/control/types/r0114

Category URI

tmod:@turbot/cis#/control/categories/v0716

GraphQL

query controlType(id: "tmod:@turbot/aws-cisv1-4#/control/types/r0114") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-cisv1-4#/control/types/r0114'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-cisv1-4#/control/types/r0114"