Best practice rules for AWS Secrets Manager
Trend Micro Cloud One™ – Conformity monitors AWS Secrets Manager with the following rules:
- Secret Encrypted With KMS Customer Master Keys
Ensure that the AWS Secrets Manager service enforces data-at-rest encryption using KMS CMKs.
- Secret Rotation Enabled
Ensure that automatic rotation is enabled for your Amazon Secrets Manager secrets.
- Secret Rotation Interval
Ensure that the Amazon Secrets Manager automatic rotation interval is properly configured.
- Secrets Manager In Use
Ensure that AWS Secrets Manager is in use for secure and efficient credentials management.