Access advisor

AWS IAM Access Advisor is a tool for checking that the principle of least privilege is actually applied to IAM users, groups, roles, and policies. For a selected principal it lists the services that its attached permissions allow it to call, together with the date each service was last accessed, so permissions for services that are never used can be reviewed and removed. Service last-accessed information is retained for a tracking period of 400 days; a service with no access recorded in that window is shown without a last-accessed date.

Access advisor in AWS console

Log in to the AWS console, open IAM, select the user (or group, role, or policy), and open the 'Access Advisor' tab.

access-advisor.png

The tab lists every service the selected principal's policies allow, with the date it was last accessed, so you can pick out IAM policies and roles whose permissions have not been used in the last N days and remove or delete them. The granularity is per service (action-level data is available only for a few services), and "not accessed in the last N days" is not the same as "unused": check for workloads that legitimately run less often than the review window, such as quarterly or annual jobs, before removing a permission on this evidence alone.
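The same review can be done outside the console with the IAM API that backs Access Advisor (GenerateServiceLastAccessedDetails followed by GetServiceLastAccessedDetails). The script below is an added example, not code from the original page or from AWS: the review logic runs over a constructed response shaped like GetServiceLastAccessedDetails so it works offline, and `fetch_service_last_accessed` (a hypothetical helper name) shows the boto3 calls that would produce a real response for a given principal ARN.

```python
"""Sort a principal's allowed services into used / stale / never-used buckets
from IAM service last-accessed data (added example; not from the original page)."""
from datetime import datetime, timedelta, timezone
import time

TRACKING_PERIOD_DAYS = 400  # IAM keeps service last-accessed data for at most 400 days

# Constructed sample shaped like an IAM GetServiceLastAccessedDetails response.
# A service that was never called inside the tracking period carries no
# "LastAuthenticated" key at all, which is the case the review must handle.
SAMPLE_NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)
SAMPLE_DETAILS = {
    "JobStatus": "COMPLETED",
    "ServicesLastAccessed": [
        {"ServiceName": "Amazon S3", "ServiceNamespace": "s3",
         "LastAuthenticated": SAMPLE_NOW - timedelta(days=3),
         "TotalAuthenticatedEntities": 1},
        {"ServiceName": "Amazon EC2", "ServiceNamespace": "ec2",
         "LastAuthenticated": SAMPLE_NOW - timedelta(days=120),
         "TotalAuthenticatedEntities": 1},
        {"ServiceName": "AWS Lambda", "ServiceNamespace": "lambda",
         "TotalAuthenticatedEntities": 0},
    ],
}


def classify_services(details, now, max_age_days):
    """Return {"used": [...], "stale": [...], "never": [...]} of service namespaces.

    used  = accessed within the last max_age_days
    stale = accessed, but more than max_age_days ago
    never = no access recorded within the 400-day tracking period
    """
    if max_age_days >= TRACKING_PERIOD_DAYS:
        # The data cannot distinguish "unused for 400+ days" from "never used".
        raise ValueError("review window must be shorter than the tracking period")
    cutoff = now - timedelta(days=max_age_days)
    buckets = {"used": [], "stale": [], "never": []}
    for svc in details["ServicesLastAccessed"]:
        namespace = svc["ServiceNamespace"]
        last = svc.get("LastAuthenticated")
        if last is None:
            buckets["never"].append(namespace)
        elif last < cutoff:
            buckets["stale"].append(namespace)
        else:
            buckets["used"].append(namespace)
    return buckets


def fetch_service_last_accessed(arn, poll_seconds=2):
    """Produce the report Access Advisor shows, via the IAM API.

    Hypothetical helper: needs boto3 and AWS credentials, so it is not used
    by the offline example above. The generate call starts an asynchronous job;
    the get call is polled until the job leaves IN_PROGRESS (COMPLETED or FAILED).
    Large principals may need Marker/IsTruncated pagination, omitted here.
    """
    import boto3  # imported lazily so the offline review logic runs without it
    iam = boto3.client("iam")
    job_id = iam.generate_service_last_accessed_details(Arn=arn)["JobId"]
    while True:
        details = iam.get_service_last_accessed_details(JobId=job_id)
        if details["JobStatus"] != "IN_PROGRESS":
            return details
        time.sleep(poll_seconds)


if __name__ == "__main__":
    result = classify_services(SAMPLE_DETAILS, SAMPLE_NOW, max_age_days=90)
    for bucket, namespaces in result.items():
        print(f"{bucket}: {', '.join(namespaces) or '-'}")
```

With a 90-day window the constructed sample yields s3 as used, ec2 as stale and lambda as never used; only the last two are candidates for removal, and the "stale" list is where the infrequent-workload check above applies.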