AWS Config Rule 'iam-user-unused-credentials-check' Not Evaluating



I've configured the 'iam-user-unused-credentials-check' rule in AWS Config but it doesn't seem to be evaluating. It has been a few days and there are no compliant or non-compliant results. Are there any requirements for this rule to work (such as AWS Config recording enabled or AWS CloudTrail enabled)? Other rules seem to be evaluating (s3-bucket-public-read-prohibited and vpc-sg-open-only-to-authorized-ports).

Thanks for any input.

asked 2 years ago418 views
1 Answer

Is your Config Recorder in that region set to record global resources? This is necessary for IAM resources to show up for a Config Recorder in a region other than us-east-1. (Do you see IAM Users in the recorded Resources?)

Check out the documentation of Selecting Resources for more information.

profile pictureAWS
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions