Posted On: Mar 15, 2021
AWS Config now supports three new AWS Config managed rules to help you verify that your secrets in AWS Secrets Manager are configured in accordance with your organization’s security and compliance requirements. AWS Config records and evaluates configurations of your AWS resources. AWS Config managed rules are predefined rules that AWS Config uses to evaluate whether your AWS resource configurations comply with common best practices. AWS Secrets Manager helps you easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle.
- secretsmanager-using-cmk checks if all secrets in AWS Secrets Manager are encrypted using an AWS Key Management Service (AWS KMS) customer master key (CMK).
- secretsmanager-secret-unused checks if AWS Secrets Manager secrets have been accessed within a specified number of days.
- secretsmanager-secret-periodic-rotation checks if AWS Secrets Manager secrets have been rotated within the specified number of days.
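
To see what each of the three checks looks at, the following added example (not AWS's rule implementation, and not part of the original announcement) approximates them offline over constructed records shaped like Secrets Manager `DescribeSecret` output. The 90-day thresholds, the fallback to `CreatedDate` for secrets never accessed or rotated, and the function and parameter names are assumptions of this sketch.

```python
from datetime import datetime, timedelta, timezone

NOW = datetime(2021, 3, 15, tzinfo=timezone.utc)  # fixed so the sample is reproducible

def d(y, m, day):
    return datetime(y, m, day, tzinfo=timezone.utc)

# Constructed sample records, shaped like Secrets Manager DescribeSecret output.
SECRETS = [
    {"Name": "db-prod", "KmsKeyId": "arn:aws:kms:us-east-1:111122223333:key/EXAMPLE",
     "CreatedDate": d(2020, 1, 1), "LastAccessedDate": d(2021, 3, 10),
     "LastRotatedDate": d(2021, 2, 20)},
    {"Name": "legacy-api-key",  # no KmsKeyId: encrypted with the AWS managed key
     "CreatedDate": d(2020, 6, 1), "LastAccessedDate": d(2020, 10, 1)},
    {"Name": "new-token", "KmsKeyId": "alias/aws/secretsmanager",
     "CreatedDate": d(2021, 3, 1)},
]

def evaluate_secret(secret, now=NOW, unused_for_days=90, max_days_since_rotation=90):
    """Approximate the three checks for one secret; returns {rule: verdict}."""
    def overdue(field, limit_days):
        # Assumption: a secret never accessed or rotated is aged from CreatedDate.
        reference = secret.get(field) or secret["CreatedDate"]
        return now - reference > timedelta(days=limit_days)

    key = secret.get("KmsKeyId", "")
    # KmsKeyId is absent (or the aws/secretsmanager alias) when the AWS managed key is used.
    customer_key = bool(key) and not key.endswith("alias/aws/secretsmanager")
    passed = {
        "secretsmanager-using-cmk": customer_key,
        "secretsmanager-secret-unused": not overdue("LastAccessedDate", unused_for_days),
        "secretsmanager-secret-periodic-rotation":
            not overdue("LastRotatedDate", max_days_since_rotation),
    }
    return {rule: "COMPLIANT" if ok else "NON_COMPLIANT" for rule, ok in passed.items()}

def findings(secrets, now=NOW):
    """List (secret name, rule) pairs that need attention."""
    return [(s["Name"], rule) for s in secrets
            for rule, verdict in evaluate_secret(s, now).items()
            if verdict == "NON_COMPLIANT"]

if __name__ == "__main__":
    for name, rule in findings(SECRETS):
        print(f"{name}: {rule} NON_COMPLIANT")
```

The same function can be pointed at real `describe-secret` output to preview which secrets the rules are likely to flag before enabling them in AWS Config.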