top of page
IAM.8
Unused IAM user credentials should be removed
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
AWS Identity and Access Management
AWS CIS Foundations v1.2, AWS Foundational Best Practice, AWS Well-Architected, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
YES
This control checks whether your IAM users have passwords or active access keys that were not used within the previous 90 days.
bottom of page