IAM misconfigurations

Unused IAM Role Can be Assumed by External Identity

Risk Level

Informational (4)

Description

Orca has found that the role {AwsIamRole}, which can be assumed by an AWS identity outside the account, has not been used in the last 90 days. Removing orphaned and unused IAM roles eliminates the risk that a forgotten role will be used accidentally to grant unauthorized users access to AWS resources.

Recommended Mitigation

Remove {AwsIamRole}
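
To check an account for the same condition by hand, the sketch below is an added example and not Orca's detection logic. It assumes role records shaped like the `Role` object returned by `aws iam get-role` (`AssumeRolePolicyDocument`, `RoleLastUsed`, `CreateDate`), runs on constructed sample data with placeholder account IDs, and ignores trust-policy `Condition` blocks.

```python
import re
from datetime import datetime, timedelta, timezone

ASSUME_ACTIONS = {"sts:assumerole", "sts:*", "*"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def external_principals(trust_policy, account_id):
    """AWS principals allowed to assume the role that are not in account_id."""
    found = []
    for stmt in _as_list(trust_policy.get("Statement", [])):
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        if stmt.get("Effect") != "Allow" or not actions & ASSUME_ACTIONS:
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        for p in aws:
            # A principal is "*", a bare 12-digit account id, or an ARN;
            # anything unparseable is treated as external (conservative).
            m = re.fullmatch(r"(\d{12})|arn:[^:]*:(?:iam|sts)::(\d{12}):.+", p)
            if not m or (m.group(1) or m.group(2)) != account_id:
                found.append(p)
    return found

def last_activity(role):
    # Assumption: a role with no RoleLastUsed date is aged from its CreateDate.
    stamp = role.get("RoleLastUsed", {}).get("LastUsedDate") or role["CreateDate"]
    return datetime.fromisoformat(stamp.replace("Z", "+00:00"))

def unused_external_roles(roles, account_id, now, days=90):
    cutoff = now - timedelta(days=days)
    hits = {}
    for role in roles:
        ext = external_principals(role["AssumeRolePolicyDocument"], account_id)
        if ext and last_activity(role) < cutoff:
            hits[role["RoleName"]] = ext
    return hits

def _role(name, principal, created, last_used=None):  # builds constructed samples
    doc = {"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": principal, "Action": "sts:AssumeRole"}]}
    return {"RoleName": name, "CreateDate": created, "AssumeRolePolicyDocument": doc,
            "RoleLastUsed": {"LastUsedDate": last_used} if last_used else {}}

T0 = "2023-01-10T00:00:00Z"
SAMPLE_ROLES = [  # constructed; 111111111111 stands for the account being audited
    _role("vendor-audit", {"AWS": "arn:aws:iam::222222222222:root"}, T0, "2023-02-01T00:00:00Z"),
    _role("vendor-active", {"AWS": "222222222222"}, T0, "2024-05-20T00:00:00Z"),
    _role("internal-stale", {"AWS": "arn:aws:iam::111111111111:role/ci"}, T0),
    _role("lambda-exec", {"Service": "lambda.amazonaws.com"}, T0),
]
NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
```

Calling `unused_external_roles(SAMPLE_ROLES, "111111111111", NOW)` reports only `vendor-audit`: the other externally assumable role was used within the window, and the remaining two are not assumable from outside the account.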