- 최신
- 최다 투표
- 가장 많은 댓글
You can use the usual tags on a secret. https://docs.aws.amazon.com/secretsmanager/latest/userguide/managing-secrets_tagging.html#
You could set a date of when the password was last changed than when it’s due to expire and then using a lambda function which can run via an event Bridge cron schedule, have it enumerate all secrets in question and check the last changed date and carry out a date diff from password last changed to today’s date is greater than X days then create message in sns which in turn is sent to a subscriber.
This way you can easily change the duration in your lambda because it’s based on X days since last changed if your password policy ever changes .
You could also obtain the date of the secret was last updated too. That’s another option than using tags.
관련 콘텐츠
- AWS 공식업데이트됨 일 년 전
- AWS 공식업데이트됨 2년 전
- AWS 공식업데이트됨 2년 전