Ensure users that have not logged in the past 30 days are disabled

Users that are currently not using the AWS console should be disabled or deleted. For this reason it is considered a security best practice to ensure the account is not used and monitor its usage. Ensuring that the root account is not used will help you with CIS and NIST Compliance.

Audit & Remediation

  • Login into your AWS account.
  • Navigate to the IAM service at: https://console.aws.amazon.com/iam
  • On the left hand panel, navigate to Access reports, the select Credential report.
  • Select the button Download Report.
  • Open up the excel spreadsheet that was downloaded and filter for password_enabled set to TRUE and look for password_last_used greater then 30 days.



  • Disable the user account for anyone past 30 days.
  • Repeat the outlined steps in each of your accounts.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +