The IAM console now displays service last accessed data that shows the hour when an IAM entity (a user, group, or role) last accessed an AWS service. Knowing if, and when an IAM entity last exercised a permission can help you remove unnecessary rights and tighten your IAM policies with less effort. This helps you write more secure access control policies that better adhere to the principle of least privilege—that is, granting only the permissions required to perform a task.
from What's New from Amazon Web Services http://ift.tt/1YZqxuN
No comments:
Post a Comment