AWS Config Rules: IAM User Unused Credentials Check
IAM_USER_UNUSED_CREDENTIALS_CHECK
Fernando Honig
Last Update 8 months ago
Description: Checks whether your AWS Identity and Access Management (IAM) users have passwords or active access keys that have not been used within the number of days you specify.
Trigger type: Periodic
AWS Region: All supported AWS regions
How to Resolve Manually
This config rule checks if IAM users have passwords or active access keys that have not been used within 30 days.
To resolve this manually, sign in to your AWS Management Console and go to the IAM (Identity and Access Management) service.
Select the non-compliant User and reset the password, revoke the Access Key or just delete the User.
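To find the users to act on before opening the console, the same check can be run offline against an IAM credential report. The following is an added example, not StackZone or AWS code: the sample rows are constructed, the column names follow the credential report CSV, and ageing a never-used credential from its change or rotation time is an assumption of this example.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the IAM credential report CSV layout (subset of columns).
SAMPLE_REPORT = """user,password_enabled,password_last_used,password_last_changed,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
alice,true,2024-05-28T09:00:00+00:00,2024-01-10T09:00:00+00:00,false,N/A,N/A,false,N/A,N/A
bob,true,2024-03-01T09:00:00+00:00,2023-11-01T09:00:00+00:00,true,2024-01-01T00:00:00+00:00,2024-05-30T12:00:00+00:00,false,N/A,N/A
ci-deploy,false,N/A,N/A,true,2024-02-01T00:00:00+00:00,N/A,true,2024-05-20T00:00:00+00:00,N/A
old-svc,false,N/A,N/A,false,2022-01-01T00:00:00+00:00,2022-06-01T00:00:00+00:00,false,N/A,N/A
"""

def _ts(value):
    """Parse a report timestamp; 'N/A', 'no_information' etc. become None."""
    try:
        return datetime.fromisoformat(value)
    except (TypeError, ValueError):
        return None

def unused_credentials(report_csv, now, max_age_days=30):
    """Return {user: [stale credential names]} for enabled/active credentials only."""
    cutoff = now - timedelta(days=max_age_days)
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        stale = []
        creds = [("password", row["password_enabled"],
                  row["password_last_used"], row["password_last_changed"])]
        for n in ("1", "2"):
            k = f"access_key_{n}"
            creds.append((k, row[f"{k}_active"],
                          row[f"{k}_last_used_date"], row[f"{k}_last_rotated"]))
        for name, enabled, last_used, created in creds:
            if enabled != "true":
                continue  # disabled passwords and inactive keys are out of scope
            # Assumption: a never-used credential is aged from its change/rotation time.
            reference = _ts(last_used) or _ts(created)
            if reference is None or reference < cutoff:
                stale.append(name)
        if stale:
            findings[row["user"]] = stale
    return findings

if __name__ == "__main__":
    now = datetime(2024, 6, 1, tzinfo=timezone.utc)  # fixed date so the sample is reproducible
    for user, creds in unused_credentials(SAMPLE_REPORT, now).items():
        print(f"NON_COMPLIANT {user}: {', '.join(creds)}")
```

Inactive keys and disabled passwords are skipped because the rule only concerns passwords and active access keys.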
How to Resolve with StackZone
StackZone can remediate this AWS Config Rule for you by automatically disabling passwords older than 30 days and/or deactivating keys of that same age.
To enable this remediation, head on over to Provisioning > Baseline Services > AWS Config Rules Global > IAM and enable IAM User Unused Credential Remediation.