- 新しい順
- 投票が多い順
- コメントが多い順
You can use the usual tags on a secret. https://docs.aws.amazon.com/secretsmanager/latest/userguide/managing-secrets_tagging.html#
You could set a date of when the password was last changed than when it’s due to expire and then using a lambda function which can run via an event Bridge cron schedule, have it enumerate all secrets in question and check the last changed date and carry out a date diff from password last changed to today’s date is greater than X days then create message in sns which in turn is sent to a subscriber.
This way you can easily change the duration in your lambda because it’s based on X days since last changed if your password policy ever changes .
You could also obtain the date of the secret was last updated too. That’s another option than using tags.
関連するコンテンツ
- AWS公式更新しました 3年前
- AWS公式更新しました 1年前