Unused credentials should be deactivated or removed

Cette page n'est pas encore disponible en français, sa traduction est en cours.
Si vous avez des questions ou des retours sur notre projet de traduction actuel, n'hésitez pas à nous contacter.

Description

AWS IAM users can access AWS resources using various types of credentials, such as passwords and access keys. Datadog recommends that you deactivate or remove all credentials that are unused for 45 or more days to enhance security.

Disabling or removing unnecessary credentials reduces the window of opportunity for compromised or abandoned accounts to be exploited, enhancing the security posture of the AWS environment.

Remediation

For instructions on managing and deactivating unused IAM credentials, refer to AWS documentation on handling unused credentials.