Ensure access keys not used in the past 30 days are disabled

Access keys that are not currently being used should be disabled or deleted. For this reason it is considered a security best practice to ensure the account is not used and monitor its usage. Ensuring that the root account is not used will help you with CIS and NIST Compliance.

Audit & Remediation

  • Login into your AWS account.
  • Navigate to the IAM service at: https://console.aws.amazon.com/iam
  • On the left hand panel, navigate to Access reports, the select Credential report.
  • Select the button Download Report.
  • Open up the excel spreadsheet that was downloaded and filter for access_key_1_last_used_date or access_key_2_last_used_date greater then 30 days.

 

 

  • Mark the access key inactive for any key that is beyond the 30 days.
  • Repeat the outlined steps in each of your accounts.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.
demo.intelligentdiscovery.io

 

Other Key Features

Inventory

Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +