IAM Ghost Roles: The Forgotten Cleanup and a Custom Toolkit to Fix It

Hunting Down Orphaned Identities IAM Housekeeping is a topic often overlooked when hosting several AWS accounts. I’m pretty sure most of us have granted a policy too many permissions to “make sure” that it works when being under time pressure and then forget about it - at least I did. But often also orphaned roles and policies are laying around in our accounts which have been automatically deployed when creating another resource which now doesn’t exist anymore. This for example is the case for L