AWS have deployed a fix to the GenerareCredentialReport, They are going to ramp up the traffic to the API over the next few days, yet they only reduced some of latencies and error rates and not fully resolved the issue. They expect to continue and ramp up the traffic to the API over the next few days.
This mean some of the IAM information might be updated yet this is still not in a regular and guaranteed intervals.
Posted May 13, 2018 - 07:55 UTC
Identified
AWS has blocked their IAM credential report API (generate-credential-report ) for all customers. Calls to that API will receive LimitExceeded exception, therefore there is no way to fetch some of the IAM related properties until AWS resolves this issue. We are working with AWS support [Case 5057948981], and were notified that they have identified a solution and actively testing it in order to unblock the API. Still, there is no ETA on AWS side to resolve the issue.
How this affects your compliance visibility? Some of the IAM information is still regularly updated and can be evaluated, including permissions and other information, yet the following properties will not get updated until this issue is resolved.