Remove unused Secrets Manager secrets

이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This control checks if an AWS Secrets Manager secret has been accessed within the last 90 days. The control will fail if the secret remains unused beyond this defined period.

Unused secrets may be exploited by individuals who no longer require access. Additionally, the more users that have access to a secret, the higher the risk that it could be mishandled or exposed to unauthorized parties. Removing unused secrets helps prevent access by users who no longer need it and can also reduce the costs associated with Secrets Manager. Regularly deleting unused secrets is a vital part of maintaining a secure environment.

Remediation

For guidance on deleting secrets, please refer to the Delete an AWS Secrets Manager secret section of the AWS Secrets Manager User Guide

PREVIEWING: drodriguezhdez/add_public_docs_log_summarization