Query: IAM user credentials that have not been used in 90 days should be disabled

Description

AWS Identity and Access Management (IAM) can help you with access permissions and authorizations by checking for IAM passwords and access keys that are not used for a specified time period.

Query

Tables used in this query:

• aws_iam_credential_report

Controls using this query:

• 1.12 Ensure credentials unused for 90 days or greater are disabled
• 1.3 Ensure credentials unused for 90 days or greater are disabled
• 8 Unused IAM user credentials should be removed
• IAM user credentials that have not been used in 90 days should be disabled

SQL