API Gateway API Key Needs to Be Rotated

Overview

Changing API Gateway API keys on a regular schedule is a well-known security best practice because it shortens the period an access key is active and therefore reduces the business impact if it is compromised.

Vendor

AWS

Cloud Service

API Gateway

Input

{"maxAgeInDays":{"label":"Max API key age in days","value":90,"type":"number"}}

Severity

Item Types

AWS::ApiGateway::ApiKey

Overview​

Vendor​

Cloud Service​

Input​

Severity​

Item Types​