We just raised $3.5M and we are hiring!

AWS Policies

With AWS Policies, you can use CloudQuery to automatically check compliance and security of AWS-based cloud resources. AWS CIS, PCI DSS and more to come.

$ cloudquery policy run aws
Category
compliance
Version
v0.1.13
License
MPL-2.0
License
MPL-2.0

AWS CIS 1.4 Ensure access keys are rotated every 90 days or less

Description

Access keys consist of an access key ID and secret access key, which are used to sign programmatic requests that you make to AWS. AWS users need their own access keys to make programmatic calls to AWS from the AWS Command Line Interface (AWS CLI), Tools for Windows PowerShell, the AWS SDKs, or direct HTTP calls using the APIs for individual AWS services. It is recommended that all access keys be regularly rotated.

Rationale

Rotating access keys will reduce the window of opportunity for an access key that is associated with a compromised or terminated account to be used. Access keys should be rotated to ensure that data cannot be accessed with an old key which might have been lost, cracked, or stolen.

Usage

cloudquery policy run aws//cis_v1.2.0/1/1.4

Queries