Query: Secrets Manager secrets that have not been used in 90 days should be removed

Description

Ensure that AWS Secrets Manager secrets have been accessed within a specified number of days. The rule is non-compliant if a secret has not been accessed in 'unusedForDays' number of days. The default value is 90 days.

Query

Tables used in this query:

• aws_secretsmanager_secret

Controls using this query:

• 3 Remove unused Secrets Manager secrets
• Secrets Manager secrets that have not been used in 90 days should be removed

SQL