secretsmanager-scheduled-rotation-success-check
Checks if Amazon Secrets Manager secrets rotated successfully according to the rotation schedule. Secrets Manager calculates the date the rotation should happen. The rule is NON_COMPLIANT if the date passes and the secret isn't rotated.
Note
Recording delays
Evaluation results for this rule can be delayed for up to 2 days from a missed rotation date. For more immediate monitoring, see Monitor Amazon Secrets Manager with Amazon CloudWatch in the Secrets Manager User Guide.
Secrets without rotation
The rule returns NOT_APPLICABLE for secrets that aren't configured for rotation.
Identifier: SECRETSMANAGER_SCHEDULED_ROTATION_SUCCESS_CHECK
Resource Types: AWS::SecretsManager::Secret
Trigger type: Configuration changes
Amazon Web Services Region: All supported Amazon regions except US ISO West, US ISO East, Asia Pacific (Malaysia), US ISOB East, Canada West (Calgary) Region
Parameters:
- None
Amazon CloudFormation template
To create Amazon Config managed rules with Amazon CloudFormation templates, see Creating Amazon Config Managed Rules With Amazon CloudFormation Templates.