Best practice rules for AWS Secrets Manager
- AWS Secrets Manager in Use for DocumentDB Databases
Ensure that Secrets Manager service is used to manage DocumentDB database credentials.
- AWS Secrets Manager in Use for RDS Instances
Ensure that Amazon Secrets Manager service is used to manage RDS database credentials.
- AWS Secrets Manager in Use for Redshift Clusters
Ensure that Secrets Manager service is used to manage Redshift database credentials.
- Secret Encrypted With KMS Customer Master Keys
Ensure that AWS Secrets Manager service enforces data-at-rest encryption using KMS CMKs.
- Secret Rotation Enabled
Ensure that automatic rotation is enabled for your Amazon Secrets Manager secrets.
- Secret Rotation Interval
Ensure that Amazon Secrets Manager automatic rotation interval is properly configured.
- Secrets Manager In Use
Ensure that AWS Secrets Manager is in use for secure and efficient credentials management.