AWS Config Rule 'iam-user-unused-credentials-check' Not Evaluating

Question

Hi,

I've configured the '**iam-user-unused-credentials-check**' rule in AWS Config but it doesn't seem to be evaluating. It has been a few days and there are no compliant or non-compliant results. Are there any requirements for this rule to work (such as AWS Config recording enabled or AWS CloudTrail enabled)? Other rules seem to be evaluating (s3-bucket-public-read-prohibited and vpc-sg-open-only-to-authorized-ports).

Thanks for any input.

Answer

Is your Config Recorder in that region set to record global resources? This is necessary for IAM resources to show up for a Config Recorder in a region other than us-east-1. (Do you see IAM Users in the recorded Resources?)

Check out the documentation of Selecting Resources for more information.

Check out the documentation of [Selecting Resources](https://docs.aws.amazon.com/config/latest/developerguide/select-resources.html) for more information.

AWS Config Rule 'iam-user-unused-credentials-check' Not Evaluating

相关内容