top of page

IAM.8

Unused IAM user credentials should be removed

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

AWS Identity and Access Management

AWS CIS Foundations v1.2, AWS Foundational Best Practice, AWS Well-Architected, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

YES

This control checks whether your IAM users have passwords or active access keys that were not used within the previous 90 days.

bottom of page