- Newest
- Most votes
- Most comments
What is the process you use to remove user profile from AWS account? If you are deleting the IAM user, this will also delete all its user data, security credentials and inline policies. You can take additional steps before deleting the user to list all access keys for a specific user: https://docs.aws.amazon.com/cli/latest/reference/iam/list-access-keys.html And then, delete the returned list: https://docs.aws.amazon.com/IAM/latest/APIReference/API_DeleteAccessKey.html
Are you using federated login? AD users are not IAM users and they don't get assigned secret keys or access keys. They might request temporary credentials but these last 12 hours only and they have to be federated. If the user account is no longer in AD, that will break it. https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html
More information about the process how the person was provided with access key and secret key. Could the credentials pair belong to another operational AIM user and not the AD profile. https://repost.aws/knowledge-center/adfs-grant-ad-access-api-cli
Relevant content
- asked 2 months ago
- asked a year ago
AWS OFFICIALUpdated 2 years ago- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated 2 years ago
The User is removed from AD group.Thanks for your response however how this can be automated - the action of auto deactivating the access key and secret access key?