Posted On: Sep 8, 2023
IAM roles last used and IAM last accessed information are now available in the AWS GovCloud (US) Regions. IAM reports the latest timestamp when role credentials were used to make an AWS request. This information makes it easier for you to identify and remove unused roles. IAM also provides the latest timestamp when an IAM user or role used an action. You can use last accessed information to identify unused service and action-level permissions granted to your active roles and refine access for your workloads.
You can use this information through the IAM console or by using APIs with the AWS Command Line Interface (AWS CLI) or a programmatic client. To learn more about this feature, visit AWS Documentation.