AWS — IAM Credential Reports

Image you have an organisation with thousands of employees and an auditor comes round and requests information on all the employees within AWS or you’re a small to medium sized company and you want to know if you are doing IAM well.

Well, it’s pretty quick and really valuable. You can use a credential report, which will provide the following:

Passwords

• when the password was last used
• when the password was last changed
• wherever the password is enabled
• when the password should be changed next

Access Keys

• wherever an access key is active
• when the access key was last used
• when the access key was last rotated
• what service the access key was last used on

MFA — Multi Factor Authentication

• wherever the MFA is enabled

This sounds useful, right? this is how you do it…

1. Go to security, Identity, & Compliance -> IAM

2. Click Credential report on the right hand side navigation

3. Download report, this will download all of the information within a csv

That’s it!