turbot/alicloud_compliance

Control: 1.2 Ensure no root account access key exists

Description

Access keys provide programmatic access to a given Alibaba Cloud account. It is recommended that all access keys associated with the root account be removed.

Remediation

From Console

Perform the following to delete or disable active root access keys:

  1. Logon to RAM console by using your Alibaba Cloud account (root account).
  2. Move the pointer over the account icon in the upper-right corner and click AccessKey.
  3. Click Continue to manage AccessKey.
  4. On the Security Management page, find the target access keys and perform the following operations:
    • Click Disable to disable the target access keys temporarily.
    • Click Delete to delete the target access keys permanently.

Usage

Run the control in your terminal:

powerpipe control run alicloud_compliance.control.cis_v100_1_2

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run alicloud_compliance.control.cis_v100_1_2 --share

SQL

This control uses a named query:

ram_root_account_no_access_keys

Tags