Correct workflow for IAM password expiry email notifications

Hello danielpodwysocki,

You seem to be on the right track with putting something together using Lambda and IAM credentials report, although IAM Management console does include a 15 day warning for password expiration on IAM user accounts[1], I think this is not sufficient for what you are trying to accomplish. This is a third party link that will provide some more detail on creating a script that would allow for you to utilize Lambda to create an email notification workflow[2].

Let me know if you have any other questions.

References: [1]https://aws.amazon.com/blogs/security/new-iam-features-enhanced-password-management-and-credential-reports/#:~:text=Users%20are%20notified%20starting%2015,access%20the%20AWS%20Management%20Console. [2]https://stackoverflow.com/questions/58082159/how-to-notify-iam-users-when-password-access-keys-expire