turbot/aws_compliance

Query: secretsmanager_secret_automatic_rotation_lambda_enabled

Usage

powerpipe query aws_compliance.query.secretsmanager_secret_automatic_rotation_lambda_enabled

SQL

select
arn as resource,
case
when rotation_rules is not null
and rotation_lambda_arn is not null then 'ok'
else 'alarm'
end as status,
case
when rotation_rules is not null
and rotation_lambda_arn is not null then title || ' scheduled for rotation using Lambda function.'
else title || ' automatic rotation using Lambda function disabled.'
end as reason,
region,
account_id
from
aws_secretsmanager_secret;

Controls

The query is being used by the following controls: