standard
turbot/aws_compliance

Trigger: Detect & correct IAM users with unused access key from 90 days or more

Detects IAM user access keys that have been unused for 90 days or more and deactivates them.

Query

select
  concat(access_key_id, ' [', account_id, ']') as title,
  access_key_id,
  user_name,
  account_id,
  sp_connection_name as conn,
  create_date as access_key_create_date,
  -- whole days elapsed since the key was created
  (extract(day from now() - create_date))::text as access_key_create_day
from
  aws_iam_access_key
where
  -- keep only keys whose creation date is 90 or more days in the past
  create_date <= (current_date - interval '90' day);

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM