AWS Security Hub detects unused IAM permissions and credentials
security, observability, aws, engineer
feature
AWS Security Hub now identifies unused IAM permissions, roles, and credentials across your organization, addressing identity risks at scale. This new capability consolidates identity risk findings with existing security posture information in a single console, enabling teams to prioritize remediation based on actual organizational risk. The feature, included with Security Hub Essentials, automatically creates an IAM Access Analyzer in each member account to evaluate access activity and suggest least-privilege policies.
Read the original announcement →
https://aws.amazon.com/about-aws/whats-new/2026/05/aws-security-hub-unused-access/
