A config rule that checks whether your AWS Identity and Access Management (IAM) users have passwords or active access keys that have not been used within the specified number of days you provided. Re-evaluating this rule within 4 hours of the first evaluation will have no effect on the results.

This config rule supports the following parameters:

  • maxCredentialUsageAge
    • Required: Yes
    • Type: int
    • Description:Maximum number of days a credential cannot be used. The default value is 90 days.
    • Default Value: 90

CloudFormation Template