The IAM console provides information about when IAM users and roles last attempted to access
AWS services. This information is calledservice last accessed data. This data can
help you identify unnecessary permissions so that you can refine your IAM policies to better
adhere to the principle of "least privilege." That means granting the minimum permissions
required to perform a specific task. You can find the data on the Access
Advisor tab in the IAM console by examining the detail view for any IAM
user, group, role, or managed policy