New IAM Users with Access Key Less than 24 Hours

Tenacity Id: iam-user-016

Risk Level: 1

Categories:

Last Updated: April 21, 2022

An Identity and Access Management (IAM) user created within the last 24 hours has an access key. A malicious actor could exploit an IAM user access key to access an environment programmatically. An access key attached to a new IAM user may indicate that the AWS console is configured to create new access keys by default. Key generation on new IAM user creation should be disabled to avoid the proliferation of unnecessary IAM user access keys. IAM user access keys that are not required should be deleted.
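One way to evaluate this condition, as an added example (not Tenacity's own implementation): the function takes user and key records in the shape returned by the IAM `ListUsers` and `ListAccessKeys` APIs and reports every key on a user younger than 24 hours. The 5-minute "created with the user" threshold, the user names and the key IDs are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta, timezone

WINDOW = timedelta(hours=24)        # age threshold from the check description
AT_CREATION = timedelta(minutes=5)  # assumption: a key made this soon after the user was issued at creation

def find_new_users_with_keys(users, keys_by_user, now):
    """Return one finding per access key owned by a user younger than WINDOW."""
    findings = []
    for user in users:
        age = now - user["CreateDate"]  # both datetimes must be timezone-aware
        if not timedelta(0) <= age < WINDOW:
            continue
        for key in keys_by_user.get(user["UserName"], []):
            findings.append({
                "user": user["UserName"],
                "key_id": key["AccessKeyId"],
                "status": key["Status"],
                # True suggests the key was generated as part of user creation
                "created_with_user": key["CreateDate"] - user["CreateDate"] <= AT_CREATION,
            })
    return findings

def collect(iam):
    """Gather the inputs from a boto3 IAM client (not exercised by the sample data)."""
    users, keys = [], {}
    for page in iam.get_paginator("list_users").paginate():
        users.extend(page["Users"])
    for u in users:
        pages = iam.get_paginator("list_access_keys").paginate(UserName=u["UserName"])
        keys[u["UserName"]] = [k for p in pages for k in p["AccessKeyMetadata"]]
    return users, keys

# Constructed sample data: names, key IDs and timestamps are illustrative only.
NOW = datetime(2022, 4, 21, 12, 0, tzinfo=timezone.utc)
def _key(kid, created, status="Active"):
    return {"AccessKeyId": kid, "Status": status, "CreateDate": created}
SAMPLE_USERS = [
    {"UserName": "ci-deploy", "CreateDate": NOW - timedelta(hours=3)},
    {"UserName": "analyst", "CreateDate": NOW - timedelta(hours=20)},
    {"UserName": "legacy-svc", "CreateDate": NOW - timedelta(days=400)},
    {"UserName": "new-no-key", "CreateDate": NOW - timedelta(hours=1)},
]
SAMPLE_KEYS = {
    "ci-deploy": [_key("AKIAEXAMPLE000000001", NOW - timedelta(hours=3) + timedelta(seconds=2))],
    "analyst": [_key("AKIAEXAMPLE000000002", NOW - timedelta(hours=14))],
    "legacy-svc": [_key("AKIAEXAMPLE000000003", NOW - timedelta(days=399))],
}

if __name__ == "__main__":
    for finding in find_new_users_with_keys(SAMPLE_USERS, SAMPLE_KEYS, NOW):
        print(finding)
```

Findings with `created_with_user` set are the ones that point to key generation being enabled at user creation; the others are keys added later to a still-new user.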