v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/ibm_compliance
Overview
1Dashboards
67Controls
20Queries
0Variables
GitHub

Control: 1.2 Ensure API keys unused for 180 days are detected and optionally disabled

Description

Monitor API key usage in your account and search for API keys that are unused or used infrequently.

Remediation

You must create an instance of the Activity Tracker with LogDNA service in the Frankfurt region to start tracking IAM events. Use a minimum of a 7-day event search.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_1_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_1_2 --share

SQL

This control uses a named query:

manual_control

Tags

category = Compliance
cis = true
cis_item_id = 1.2
cis_level = 1
cis_section_id = 1
cis_type = manual
cis_version = v1.0.0
plugin = ibm
service = IBM/IAM