secretsmanager-scheduled-rotation-success-check - Amazon Config
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

secretsmanager-scheduled-rotation-success-check

Checks if Amazon Secrets Manager secrets rotated successfully according to the rotation schedule. Secrets Manager calculates the date the rotation should happen. The rule is NON_COMPLIANT if the date passes and the secret isn't rotated.

Note

Recording delays

Evaluation results for this rule can be delayed for up to 2 days from a missed rotation date. For more immediate monitoring, see Monitor Amazon Secrets Manager with Amazon CloudWatch in the Secrets Manager User Guide.

Secrets without rotation

The rule returns NOT_APPLICABLE for secrets that aren't configured for rotation.

Identifier: SECRETSMANAGER_SCHEDULED_ROTATION_SUCCESS_CHECK

Resource Types: AWS::SecretsManager::Secret

Trigger type: Configuration changes

Amazon Web Services Region: All supported Amazon regions except US ISO West, US ISO East, Asia Pacific (Malaysia), US ISOB East, Canada West (Calgary) Region

Parameters:

None

Amazon CloudFormation template

To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.