Credential Report
💡 Definition
An IAM Credential Report lists all your account's users and the status of their various credentials, including passwords, access keys, and MFA devices.
🔑 Key Concepts
- Audit Tool: Helps you audit the security of your AWS account.
- CSV Format: You download the report as a CSV file.
- Comprehensive: Lists every user in the account.
⚙️ How it Works
You generate the report from the IAM console or CLI. It shows details like: * When the user was created. * Whether MFA is enabled. * When the password was last used/rotated. * When access keys were last used/rotated.
🎯 Use Cases
- Security Audit: Identifying users who have not rotated their passwords in a long time.
- MFA Compliance: Finding users who do not have MFA enabled.
- Cleanup: Identifying unused accounts (users who haven't logged in for months).
💰 Pricing Model
- Free feature of IAM.
📝 Exam Tips (CLF-C02)
- Used for auditing credential status.
- Helps verify if MFA is enabled for users.
- Helps identify stale/unused credentials.
See Also: * IAM * MFA * AWS Config