AWS IAM access key hasn't been used for at least 90 days Affecting IAM service in AWS

Severity Framework Snyk CCSS

Rule category IAM / Authentication

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

AWS-Well-Architected CIS-AWS CSA-CCM HIPAA ISO-27001 PCI-DSS SOC-2

Snyk ID SNYK-CC-00204
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

AWS IAM access keys unused for 90 days or more should be rotated or disabled. It is recommended that all credentials that have not been used in 90 or more days be removed or deactivated.

How to fix?

Remove unused aws_iam_access_key from your Terraform configuration and run terraform apply.

Terraform

Resource: aws_iam_user
Resource: aws_iam_access_key

References

Managing access keys for IAM users