Aqua CSPM
AWSIAM

Access Keys Rotated

Quick Info

Plugin TitleAccess Keys Rotated
CloudAWS
CategoryIAM
DescriptionEnsures access keys are not older than 180 days in order to reduce accidental exposures
More InfoAccess keys should be rotated frequently to avoid having them accidentally exposed.
AWS Linkhttp://docs.aws.amazon.com/IAM/latest/UserGuide/ManagingCredentials.html
Recommended ActionTo rotate an access key, first create a new key, replace the key and secret throughout your app or scripts, then set the previous key to disabled. Once you ensure that no services are broken, then fully delete the old key.

Detailed Remediation Steps

  1. Log into the AWS Management Console.
  2. Select the “Services” option and search for IAM.
  3. Scroll down the left navigation panel and choose “Users”.
  4. Select the “User” that needs to be verified and click on the “User name” to access the selected “IAM User”.
  5. Click on the “Security Credentials” under the configuration page.
  6. Scroll down and under “Security Credentials” check the “Last used” cloumn in “Access keys” to determine the last date of “Access Key” used.Any key above 180days which is “Active” is old and expired and needs to be updated to reduce accidental exposures.
  7. Repeat steps number 4 - 6 for the “IAM Users” that need to be verify.
  8. Select the “Security Credentials” tab under the configuration page and click on “Create access key” to create a new key.
  9. Click on the “Download .csv file” to download the new “Secret Access Key” and “Access Key ID” for newly created “Access key”.
  10. Use the new “Access Key” for application(s) code and replace the older key with the new one. Make sure that new “Access key” pair is working fine.
  11. To remove the older “Access Key” once you verified that the new “Access Key” is working fine click on the “Security Credentials” under IAM user configuration page and select the older “Access Key ID” which needs to be removed.
  12. Click on the cross(×) symbol at the extreme right to remove the selected key.
  13. Click on “Delete” button under “Delete access key” tab to delete the older “Access Key”.

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.
Sign up for free
Cloud native security as-a-service
Aqua Wave
Get Started
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2021 Aqua Security Software Ltd.   Privacy Policy | Terms of Use