What is IAM Credential Report?
The credential report is an account-level CSV listing every IAM user and the status of their passwords, access keys, and MFA devices.
The report is the fastest way to answer audit questions across all users at once: who has console access, whose access keys are old or unused, who is missing MFA, and which credentials have never been used. It is generated on demand and covers the whole account.
Reviewing it on a schedule surfaces stale and risky credentials before they become an incident. It pairs well with Access Advisor, which adds which services each principal actually uses.
Example
aws iam generate-credential-report && aws iam get-credential-reportCommon mistake
Auditing users one at a time. The credential report gives an account-wide view in a single CSV, which is far harder to overlook gaps in.
Related terms
Analyze a real policy free
Shieldly's AI-Powered analyzer explains why an IAM policy is risky and returns the fix in seconds. No signup, no AWS credentials. Also ships as CLI, VS Code extension, GitHub Action, and CDK Guard.
Amazon Web Services (AWS) is a trademark of Amazon.com, Inc. Shieldly is not affiliated with, endorsed by, or sponsored by Amazon Web Services.