Since April 25, 2002, Trusted Advisor refreshes Exposed Access Keys (check ID:
12Fnkpl8Y5) check automatically. This check can’t be refreshed manually from the Trusted Advisor console or the AWS Support API (you will get the response saying the check is not refreshable).
If you created your AWS account after April 25, 2022, the check results for Exposed Access Keys initially shows the gray icon ( ) even for unexposed access keys. This means that Trusted Advisor hasn’t identified any changes to the check.
If Trusted Advisor identifies a resource at risk, the status changes to the action recommended icon ( ). After you fix or delete the resource, the check result shows the check mark icon ( ).
How did I notice that? As we hit the bug in CloudConformity exposed access key check.