Skip to main content

lacework-global-120

Ensure active access keys are used every 90 days or less

Description

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, AWS SDKs, or via direct HTTP calls using the APIs for individual AWS services. It is recommended to inactivate unused access keys.

Remediation

Perform the following to deactivate access keys:

  1. Log in to the AWS Management Console.

  2. Click Services.

  3. Click IAM and select Users.

  4. Open the IAM user of interest and select Security Credentials tab.

  5. Locate the key and click Make inactive.