Control: AWS > CIS v4.0 > 1 - Identity and Access Management > 1.14 - Ensure access keys are rotated every 90 days or less

Configures auditing against a CIS Benchmark item.

Level: 1

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the APIs for individual AWS services. It is recommended that all access keys be regularly rotated.

Resource Types

This control targets the following resource types:

AWS > IAM > User

Policies

This control type relies on these other policies when running actions:

In Your Workspace

Developers

Control Type URI

tmod:@turbot/aws-cisv4-0#/control/types/r0114

Category URI

tmod:@turbot/cis#/control/categories/v0716

GraphQL

query controlType(id: "tmod:@turbot/aws-cisv4-0#/control/types/r0114") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-cisv4-0#/control/types/r0114'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-cisv4-0#/control/types/r0114"