Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Correct workflow for IAM password expiry email notifications

1

Hello all!

Is there currently a supported way of providing users with password expiry notifications via email? I've started putting something together using Lambda and the IAM credentials report, but that seems like a feature that might already exist - what would be the correct way to implement this?

Temas
AWS Well-Architected FrameworkSeguridad, identidad y cumplimiento
Etiquetas
SeguridadPolíticas de IAM
Idioma
English
danielpodwysocki
preguntada hace 2 años295 visualizaciones
1 Respuesta
0

Hello danielpodwysocki,

You seem to be on the right track with putting something together using Lambda and IAM credentials report, although IAM Management console does include a 15 day warning for password expiration on IAM user accounts[1], I think this is not sufficient for what you are trying to accomplish. This is a third party link that will provide some more detail on creating a script that would allow for you to utilize Lambda to create an email notification workflow[2].

Let me know if you have any other questions.

References: [1]https://aws.amazon.com/blogs/security/new-iam-features-enhanced-password-management-and-credential-reports/#:~:text=Users%20are%20notified%20starting%2015,access%20the%20AWS%20Management%20Console. [2]https://stackoverflow.com/questions/58082159/how-to-notify-iam-users-when-password-access-keys-expire

Michael_O
respondido hace 2 años

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante