AWS Plugin

Rotate AWS Passwords and Keys

Keeper has also launched a zero-trust Password Rotation feature with KeeperPAM. This new capability is recommended for most password rotation use cases. The Documentation is linked below:

  • Password Rotation with KeeperPAM

  • Commander KeeperPAM commands

Prerequisites

    pip3 install boto3

1. Install AWS CLI package

2. Configure AWS CLI package

Install AWS CLI if necessary

    pip3 install awscli

Configure AWS Connection with the AWS CLI

    aws configure

You need to configure the AWS CLI in your environment with an account that has administrative privileges in order to modify the password for the specified user.

Prepare Records for Rotation

Create a Record for Rotation

Rotation supports legacy and typed records. Additional fields may be added depending on the rotation type as well. See the instructions below.

See the Troubleshooting section for more information on legacy vs typed records.

Rotation Types

Rotate AWS Keys

To run a rotation of AWS Keys, use the rotate command in Commander. Pass the command a record title or UID (or use --match with a regular expression to rotate several records at once).

    rotate "My AWS Credentials" --plugin awskey

The plugin can be supplied to the command as shown here, or added to a record field (see options below). Adding the plugin type to the record makes it possible to rotate several records at once with different plugins.

Additional Rotation Options

The following optional values can customize rotation parameters. Add these options to a record as text fields and set the label to correspond to the parameter as shown in the table.

For an easier time creating new AWS rotation records, create a custom record type with the text type fields defined.

| Label | Value | Comment |
|---|---|---|
| cmdr:plugin | awskey | (Optional) Tells Commander to use AWS Key rotation. This should be either set to the record, or supplied to the rotation command |
| cmdr:aws_profile | | (Optional) AWS profile to use to login to AWS with |
| cmdr:aws_sync_profile | | (Optional) if supplied, the AWS secret for the given profile will be updated to the AWS credentials file |
| cmdr:aws_assume_role | AWS Role ARN | (Optional) if supplied, the password rotation plugin assumes this role. The role requires these permissions: iam:DeleteAccessKey, iam:CreateAccessKey, iam:ListAccessKeys |

Output

After rotation is completed, the Access Key ID and Secret Key are stored in custom fields on the record with the labels cmdr:aws_key_id and cmdr:aws_key_secret.

Any Keeper user or Keeper Shared Folder associated with the record is updated instantly.

| Label | Value |
|---|---|
| cmdr:aws_key_id | generated AWS Access Key ID |
| cmdr:aws_key_secret | generated AWS Secret Access Key |

The 'Password' field is ignored when rotating keys.

Rotate AWS Passwords

To run a rotation of AWS passwords, use the rotate command in Commander. Pass the command a record title or UID (or use --match with a regular expression to rotate several records at once).

    rotate "My AWS Credentials" --plugin awspswd

The plugin can be supplied to the command as shown here, or added to a record field (see options below). Adding the plugin type to the record makes it possible to rotate several records at once with different plugins.

Additional Rotation Options

The following optional values can customize rotation parameters. Add these options to a record as text fields and set the label to correspond to the parameter as shown in the table.

| Name | Value | Comment |
|---|---|---|
| cmdr:plugin | awspswd | (Optional) Tells Commander to use AWS Key rotation. This should be either set to the record, or supplied to the rotation command |
| cmdr:rules | | (Optional) password complexity rules |
| cmdr:aws_profile | | (Optional) AWS profile to use to login to AWS with |

Output

The Password field of the Keeper record contains the new password for the AWS account.
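
A pre-flight check of the cmdr: option labels described on this page, useful before a --match rotation touches several records at once. This is an added example, not Keeper's code: the record shape (a title plus a dict of custom fields), the function names, the precedence of the record's cmdr:plugin over --plugin, and the sample records are assumptions constructed for illustration.

```python
import re

# Option labels and plugin names come from the tables on this page.
KEY_LABELS = {"cmdr:plugin", "cmdr:aws_profile", "cmdr:aws_sync_profile",
              "cmdr:aws_assume_role"}
PSWD_LABELS = {"cmdr:plugin", "cmdr:rules", "cmdr:aws_profile"}
OUTPUT_LABELS = {"cmdr:aws_key_id", "cmdr:aws_key_secret"}  # written by awskey
ALLOWED = {"awskey": KEY_LABELS | OUTPUT_LABELS, "awspswd": PSWD_LABELS}
# Assumption: the "AWS Role ARN" value is a standard IAM role ARN.
ROLE_ARN = re.compile(r"^arn:aws[a-z-]*:iam::\d{12}:role/[\w+=,.@/-]+$")


def check_record(record, cli_plugin=None):
    """Return findings for one record; an empty list means nothing was flagged."""
    fields = record.get("custom", {})
    # Assumption: a plugin set on the record wins over the --plugin argument.
    plugin = fields.get("cmdr:plugin") or cli_plugin
    if plugin not in ALLOWED:
        return [f"no valid plugin (got {plugin!r}); expected awskey or awspswd"]
    findings = [f"{label} is not in this page's option table for {plugin}"
                for label in fields
                if label.startswith("cmdr:") and label not in ALLOWED[plugin]]
    arn = fields.get("cmdr:aws_assume_role")
    if plugin == "awskey" and arn is not None and not ROLE_ARN.match(arn):
        findings.append("cmdr:aws_assume_role is not an IAM role ARN")
    return findings


def preflight(records, cli_plugin=None):
    """Map record title -> findings for every record that was flagged."""
    checked = ((r["title"], check_record(r, cli_plugin)) for r in records)
    return {title: found for title, found in checked if found}


# Constructed sample records (hypothetical shape: title + custom-field dict).
SAMPLE = [
    {"title": "CI deploy key", "custom": {"cmdr:plugin": "awskey",
        "cmdr:aws_assume_role": "arn:aws:iam::123456789012:role/KeyRotator"}},
    {"title": "Console login", "custom": {"cmdr:plugin": "awspswd",
        "cmdr:aws_sync_profile": "default"}},    # key option on a password record
    {"title": "Backup key", "custom": {"cmdr:plugin": "awskey",
        "cmdr:aws_assume_role": "KeyRotator"}},  # role name, not an ARN
    {"title": "Legacy", "custom": {"cmdr:plugin": "aws_key"}},  # misspelled plugin
]

if __name__ == "__main__":
    for title, found in preflight(SAMPLE).items():
        print(title, "->", "; ".join(found))
```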