
IAM

IAM plays a crucial role in securing your AWS environment. While not directly a cost optimization, removing unused IAM users and roles reduces your attack surface and improves security posture.

Implementation Effort: Low - Estimated time: less than 30 minutes. Deactivate access keys and delete inactive IAM users/roles after verifying no active usage or service dependencies.

What We Detect

  • Inactive IAM Users -- Users who have never logged in or have been inactive for an extended period
  • Unused IAM Roles -- Roles that have not been assumed in a long time, increasing the potential attack surface

Why It Matters

Adhering to the principle of least privilege means regularly reviewing and pruning unused identities. Stale users and roles are a common finding in security audits and represent exploitable access paths.

Recommendations

  1. Deactivate access keys for inactive users
  2. Delete users and roles that are no longer needed
  3. Review credentials regularly as part of your security hygiene
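
One way to triage users before deactivating keys, as an added example that is not this tool's own detection logic: it parses an IAM credential report and lists inactive users together with the access keys still active on them. The sample rows are constructed, and the 90-day cutoff and function names are assumptions, since the page gives no threshold.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Assumption: the page only says "extended period"; 90 days is an example cutoff.
INACTIVE_AFTER = timedelta(days=90)

# Constructed sample: a subset of the columns in the IAM credential report CSV.
SAMPLE_REPORT = """\
user,user_creation_time,password_last_used,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,2021-01-05T10:00:00+00:00,2025-04-01T09:00:00+00:00,false,N/A,false,N/A
alice,2023-01-10T09:00:00+00:00,2025-05-28T08:15:00+00:00,false,N/A,false,N/A
ci-deploy,2022-06-01T12:00:00+00:00,N/A,true,2024-11-02T03:30:00+00:00,false,N/A
bob,2022-03-04T14:00:00+00:00,no_information,true,N/A,false,N/A
new-hire,2025-05-20T09:00:00+00:00,no_information,false,N/A,false,N/A
old-dev,2021-09-09T09:00:00+00:00,2024-01-15T10:00:00+00:00,false,N/A,true,2025-05-30T22:10:00+00:00
"""

def parse_ts(value):
    """Return an aware datetime, or None for N/A, no_information, not_supported."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None

def review(report_csv, now):
    """Map each inactive user to its last activity and still-active access keys."""
    findings = {}
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] == "<root_account>":
            continue  # the root row is not an IAM user
        used = [parse_ts(row["password_last_used"])]
        active_keys = []
        for n in ("1", "2"):
            used.append(parse_ts(row[f"access_key_{n}_last_used_date"]))
            if row[f"access_key_{n}_active"] == "true":
                active_keys.append(f"access_key_{n}")
        last_seen = max((t for t in used if t), default=None)
        # Never-used identities are aged from creation, so new users are not flagged.
        reference = last_seen or parse_ts(row["user_creation_time"])
        if reference is None or now - reference > INACTIVE_AFTER:
            findings[row["user"]] = {"last_seen": last_seen, "active_keys": active_keys}
    return findings

if __name__ == "__main__":
    for user, f in review(SAMPLE_REPORT, datetime.now(timezone.utc)).items():
        print(user, f["last_seen"] or "never used", "deactivate:", f["active_keys"] or "-")
```

Roles do not appear in the credential report; their last-use timestamp is the RoleLastUsed field returned by `aws iam get-role`.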
