AWS Official Blog

AWS Access Credential Rotation

by Jeff Barr | on | in Announcements | | Comments

Most security standards recommend changing access credentials (passwords, certificates, or keys) on a regular basis.  However, until recently this has been a bit tricky with AWS applications requesting a new Access Key ID or X.509 certificate immediately rendered the old one invalid.

Our new Access Credential Rotation feature makes it easier for you to switch (or rotate) from one set of credentials to another to make your cloud assets even more secure. Using the “Security Credentials” page on the AWS Portal, you can request a new access credential while leaving the old one active and valid. Later, after you have distributed the new credential to all of your applications, you can deactivate and then (when you are sure that everything is working properly) delete the old credential. You can have up to two credentials of each type (Access Key ID and X.509 certificate).

Now you can make your AWS applications even more secure!

— Jeff;