AWS IAM user has administrative privileges and is inactive

iam
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

If an IAM user is highly privileged or has administrative privileges and is inactive, this may indicate the role is not regularly used and may be removed.

Rationale

An IAM user with highly privileged or administrative permissions can access all AWS services and resources in the account. A role with these privileges could potentially, whether unknowingly or purposefully, cause security issues or data leaks. IAM users with this level of access may also be targeted by an adversary to compromise the entire AWS account. In the event a user has not be active for an extended period of time, this may indicate that the role is no longer needed and can be removed.

Remediation

Determine if the user is needed for a particular function and if not, remove it.

PREVIEWING: drodriguezhdez/add_public_docs_log_summarization