An AccessKey for a Resource Access Management (RAM) user is considered compliant if its age does not exceed a specified number of days. The default value is 90 days.
Risk level
Default risk level: High.
You can change the risk level as needed.
Detection logic
An AccessKey for a RAM user is compliant if its age does not exceed a specified number of days. The default value is 90 days.
Rule details
Parameter | Description |
Rule name | Rotate AccessKeys for RAM users within a specified period |
Rule identifier | |
Labels | RAM, User |
Automatic remediation | Not supported |
Trigger type | Periodic |
Trigger frequency | 24 hours |
Supported resource types | ACS::RAM::User |
Rule parameters | days (Default value: 90) |
Remediation
For remediation steps, see Rotate AccessKeys for RAM users.