Ensure credentials unused for 45 days or greater are disabled

Rating	🛑 - High

Description

Credentials refer to passwords or access keys.

Vulnerability

Unused credentials indicate a user account that may not be in use. Accounts that are not in use should be removed to reduce the risk of account compromise.

Remediation

Follow AWS Best practices to remove unused credentials

References

• AWS CIS v.1.4.0 - 1.12

Links

• https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_finding-unused.html
• https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf#page=16