The following Python script will help to list all the AWS IAM roles with the last used date. If the role is not been used, it will show 'Never used" instead of date. You will require Python3.8 or above to run the script. I prefer to use Tabulate to format the output in to table format. You can format the output in to HTML or even convert in to CSV file too. Let's start the script to list all IAM role and its last used date. import boto3 import time from tabulate import tabulate Once you've imported the boto3, time and tabulate module, let's setup the AWS session using the AWS config profile and region name. session = boto3 . Session ( profile_name = profile , region_name = region ) iam_client = session . client ( 'iam' ) # use paginator if you have long list of IAM roles paginator = iam_client .get_paginator( 'list_roles' ) iterator = paginator .paginate() The following lines will help to setup the header row of the table in the output. In