AWS Security Hub now uncovers identity risks from unused access

Published
May 20, 2026
https://aws.amazon.com/about-aws/whats-new/2026/05/aws-security-hub-unused-access/

AWS Security Hub Updates

AWS Security Hub now integrates identity risk management into its unified console, allowing central security teams to manage threats, exposures, and posture findings alongside identity risks. This update detects unused IAM permissions, roles, and credentials across your AWS organization, helping to identify and reduce identity risk at scale.

When you enable Security Hub for your organization, a service-linked IAM Access Analyzer is automatically created in each member account. Security Hub evaluates IAM principals against 90 days of actual access activity, detects unused access, and correlates identity findings with exposure context. It also provides on-demand generation of recommended least-privilege policies based on actual usage patterns.

What to do

  • Enable Security Hub for your organization to automatically create service-linked IAM Access Analyzers.
  • Review unused access findings in the Security Hub console.
  • Generate recommended least-privilege policies to refine IAM permissions.

Source: AWS release notes



