Last Login Check
Rule Details
Parameter |
Description |
---|---|
Rule Name |
iam-user-last-login-check |
Identifier |
iam-user-last-login-check |
Description |
If an IAM user has not logged in to the system within the specified period of time, this user is non-compliant. |
Tag |
iam |
Trigger Type |
Periodic |
Filter Type |
iam.users |
Configure Rule Parameters |
allowedInactivePeriod: the specified period of time. The value must be an integer. The default value is 90. |
Applicable Scenario
This rule helps you identify idle IAM users to improve account security
Solution
You can use noncompliant IAM users to log in to Huawei Cloud console or delete these users as needed. For more details, see Logging In as an IAM User and Deleting an IAM User.
Rule Logic
- If an IAM user is disabled, this user is compliant.
- If an IAM user is not allowed to access the management console, this user is compliant.
- If an enabled IAM user who is allowed to access the management console has logged in to the system within the specified period of time, this user is compliant.
- If an enabled IAM user who is allowed to access the management console has not logged in to the system within the specified period of time, this user is noncompliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot