Playbook: AWS Disable User Accounts
Description
Disable a list of AWS IAM user accounts. After checking the list of accounts against an allowlist and confirming with an analyst, each account is disabled. The change can be reversed with the enable user
action.
Apps
How To Implement
This playbook works with the community playbook aws_find_inactive_users using the usernames discovered by that playbook. Change the prompt block from admin to the correct analyst user or role. You should create a custom list called aws_inactive_user_allowlist. Any user names in that list will be ignored by this playbook.
Explore Playbook
Click the playbook screenshot to explore in more detail!
Required fields
- aws_username
Reference
source | version: 1