Which solution will meet these requirements with the LEAST effort?
Use AWS Identity and Access Management Access Analyzer to generate a new IAM policy based on the IAM user’s AWS CloudTrail history. Replace the IAM user policy with the newly generated policy.
Use AWS Identity and Access Management Access Analyzer to generate a new IAM policy based on the IAM user’s AWS CloudTrail history. Attach the newly generated policy as a permissions boundary to the IAM user.
Use AWS Identity and Access Management Access Analyzer to discover the last accessed information for the IAM user and to create a new IAM policy that allows only the services and actions that the last accessed review identified. Replace the IAM user policy with the newly generated policy.
Use AWS Identity and Access Management Access Analyzer to discover the last accessed information for the IAM user and to create a new IAM policy that allows only the services and actions that the last accessed review identified. Attach the newly generated policy as a permissions boundary to the IAM user.
Based on what I know, the answer is:
Use AWS Identity and Access Management Access Analyzer to generate a new IAM policy based on the IAM user’s AWS CloudTrail history. Attach the newly generated policy as a permissions boundary to the IAM user.