IAM Users Inactive

Tenacity Id

Risk Level

Categories

iam-user-002

1

Last Updated:

April 21, 2022

An Identity Access and Management (IAM) user password has not been used in the past 30 days. An inactive IAM user could be compromised by an attacker to gain access to an environment. Inactive IAM users should be deleted or have their passwords and access keys removed.