It’s a good idea to rotate your AWS Access Keys regularly; here is a simple script that makes the process easy and painless. For a lot of engineers, rotating keys on a regular cadence is a compliance requirement. It also takes a little effort and requires us to remember.
The idea behind the script is simple:
1. Use the current AWS Access Key to retrieve the key(s) for the current user and write them to a local file
2. Request a new key
3. Set up the new key on the local machine
4. Delete the old access key
To avoid having to remember to rotate regularly, or before I get the compliance naughty email, I also have a cron job configured to run weekly.
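The four steps above, sketched with the AWS CLI as an added example; this is not the script from the original post. The profile name, the backup path, the `rotate` argument and `RETRY_SLEEP` are assumptions, and the IAM user needs permission to list, create and delete its own access keys.

```shell
#!/bin/sh
# Added example (not the original post's script). PROFILE and BACKUP are assumed names.
set -eu
PROFILE="${AWS_PROFILE:-default}"
BACKUP="${BACKUP:-$HOME/.aws/access-keys-before-rotation.txt}"

rotate_access_key() {
  local old_ids old_id new new_id new_secret try
  umask 077   # anything written from here on is readable by the owner only

  # Step 1: list the current user's key IDs (IAM infers the user from the
  # signing key) and record them locally. Only IDs come back, never secrets.
  old_ids=$(aws iam list-access-keys --profile "$PROFILE" \
      --query 'AccessKeyMetadata[].AccessKeyId' --output text) || return 1
  set -- $old_ids
  printf '%s\n' "$@" > "$BACKUP"
  # IAM allows two keys per user. With two already present, creating a third
  # fails and it is not obvious which one to delete, so stop here.
  if [ "$#" -ne 1 ]; then
    echo "expected exactly one existing key, found $#: $old_ids" >&2
    return 1
  fi
  old_id=$1

  # Step 2: request a new key. This is the only time the secret is returned.
  new=$(aws iam create-access-key --profile "$PROFILE" \
      --query 'AccessKey.[AccessKeyId,SecretAccessKey]' --output text) || return 1
  set -- $new
  new_id=$1 new_secret=$2

  # Step 3: install the new key in the local profile.
  aws configure set aws_access_key_id "$new_id" --profile "$PROFILE" || return 1
  aws configure set aws_secret_access_key "$new_secret" --profile "$PROFILE" || return 1

  # Step 4: delete the old key, but only once the new one authenticates.
  # New keys can take a few seconds to propagate, so retry before giving up.
  for try in 1 2 3 4 5 6; do
    if aws sts get-caller-identity --profile "$PROFILE" >/dev/null 2>&1; then
      aws iam delete-access-key --access-key-id "$old_id" --profile "$PROFILE" || return 1
      echo "rotated $old_id -> $new_id"
      return 0
    fi
    sleep "${RETRY_SLEEP:-5}"
  done
  echo "new key $new_id did not authenticate; old key $old_id NOT deleted" >&2
  return 1
}

# Run only when asked to, e.g. from cron: rotate-key.sh rotate
if [ "${1:-}" = "rotate" ]; then rotate_access_key; fi
```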