AWS IAM user password hasn't been used for at least 90 days Affecting IAM service in AWS

Snyk CCSS

IAM / Authentication

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

AWS-Well-Architected CIS-AWS CIS-Controls CSA-CCM HIPAA ISO-27001 PCI-DSS SOC-2

Snyk ID SNYK-CC-00130
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

AWS IAM user passwords unused for 90 days or more should be disabled. It is recommended that all credentials that have not been used in 90 or more days be removed or deactivated.

How to fix?

Remove unused aws_iam_user_login_profile from your Terraform configuration and run terraform apply.

Terraform

Resource: aws_iam_user
Resource: aws_iam_user_login_profile

References

Managing user passwords in AWS

AWS IAM user password hasn't been used for at least 90 days Affecting IAM service in AWS

Severity

Description

How to fix?

Terraform

References