Aqua CSPM

IAM Role Last Used

Quick Info

Plugin TitleIAM Role Last Used
CloudAWS
CategoryIAM
DescriptionEnsures IAM roles that have not been used within the given time frame are deleted.
More InfoIAM roles that have not been used for a long period may contain old access policies that could allow unintended access to resources if accidentally attached to new services. These roles should be deleted.
AWS Linkhttps://aws.amazon.com/about-aws/whats-new/2019/11/identify-unused-iam-roles-easily-and-remove-them-confidently-by-using-the-last-used-timestamp/
Recommended ActionDelete IAM roles that have not been used within the expected time frame.

Detailed Remediation Steps