Identify and remediate public cloud compliance misconfigurations, mitigate security threats and control your expenses from one simple, easy to use platform.
iam-user-016
Last Updated:
April 21, 2022
An Identity Access and Management (IAM) user created within the last 24 hours has an access key. An IAM user access key could be exploited by a malicious actor to access an environment programmatically. An access key attached to a new IAM user may indicate that the AWS console is configured to create new access keys by default. Key generation on new IAM user creation should be disabled to avoid the proliferation of unnecessary IAM user access keys. IAM user access keys that are not required should be deleted.
