Impact of IAM Password Expiry Policy on Access Keys and Secret Keys

0

I'm using AWS Textract with IAM user credentials (access key and secret key). In AWS Security Hub, I see a control that recommends ensuring the IAM password policy expires passwords within 90 days or less. If I set a policy to expire passwords, will the expiration of a user's password affect the functionality of their access key and secret key? Specifically, will the access key and secret key continue to work even if the user's password has expired?

2 Answers
1
Accepted Answer

Password expiry only affects passwords for the IAM user, not access and secret keys.

profile pictureAWS
EXPERT
answered 3 months ago
profile picture
EXPERT
reviewed 3 months ago
1

Hi Tates,

The expiration of an IAM user’s password will not affect the functionality of their access key and secret key. The access keys will continue to work for programmatic access even if the user's password has expired, as these are separate authentication mechanisms.

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html#Using_RotateAccessKey

EXPERT
answered 3 months ago
EXPERT
reviewed 3 months ago
profile picture
EXPERT
reviewed 3 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions