github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0146/Management_Console.md

github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/avd_docs/aws/iam/AVD-AWS-0146/Management_Console.md (about)

     1  1. Log into the AWS Management Console.
     2  2. Select the "Services" option and search for IAM. </br> <img src="/resources/aws/iam/access-keys-rotated/step2.png"/>
     3  3. Scroll down the left navigation panel and choose "Users". </br><img src="/resources/aws/iam/access-keys-rotated/step3.png"/>
     4  4. Select the "User" that needs to be verified and click on the "User name" to access the selected "IAM User".</br><img src="/resources/aws/iam/access-keys-rotated/step4.png"/>
     5  5. Click on the "Security Credentials" under the configuration page.</br><img src="/resources/aws/iam/access-keys-rotated/step5.png"/>
     6  6. Scroll down and under "Security Credentials" check the "Last used" cloumn in "Access keys" to determine the last date of "Access Key" used.Any key above 180days which is "Active" is old and expired and needs to be updated to reduce accidental exposures.</br><img src="/resources/aws/iam/access-keys-rotated/step6.png"/>
     7  7. Repeat steps number 4 - 6 for the "IAM Users" that need to be verify.</br>
     8  8. Select the "Security Credentials" tab under the configuration page and click on "Create access key" to create a new key.</br><img src="/resources/aws/iam/access-keys-rotated/step8.png"/>
     9  9. Click on the "Download .csv file" to download the new "Secret Access Key" and "Access Key ID" for newly created "Access key".</br><img src="/resources/aws/iam/access-keys-rotated/step9.png"/>
    10  10. Use the new "Access Key" for application(s) code and replace the older key with the new one. Make sure that new "Access key" pair is working fine.</br>
    11  11. To remove the older "Access Key" once you verified that the new "Access Key" is working fine click on the "Security Credentials" under IAM user configuration page and select the older "Access Key ID" which needs to be removed.</br><img src="/resources/aws/iam/access-keys-rotated/step11.png"/>
    12  12. Click on the cross(×) symbol at the extreme right to remove the selected key. </br> <img src="/resources/aws/iam/access-keys-rotated/step12.png"/>
    13  13. Click on "Delete" button under "Delete access key" tab to delete the older "Access Key".</br><img src="/resources/aws/iam/access-keys-rotated/step13.png"/>