turbot/aws_compliance

Query: iam_user_console_access_unused_45

Usage

powerpipe query aws_compliance.query.iam_user_console_access_unused_45

SQL

select
user_arn as resource,
case
when not password_enabled then 'ok'
when password_enabled and password_last_used is null then 'alarm'
when password_enabled and password_last_used < (current_date - interval '45' day) then 'alarm'
else 'ok'
end status,
user_name ||
case
when not password_enabled then ' password not enabled.'
when password_enabled and password_last_used is null then ' password created ' || to_char(password_last_changed, 'DD-Mon-YYYY') || ' never used.'
else ' password used ' || to_char(password_last_used, 'DD-Mon-YYYY') || '.'
end as reason
, account_id
from
aws_iam_credential_report;

Controls

The query is being used by the following controls: