Benchmark: 4.7 Manage Default Accounts on Enterprise Assets and Software
Description
Manage default accounts on enterprise assets and software, such as root, administrator, and other pre-configured vendor accounts. Example implementations can include: disabling default accounts or making them unusable.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 4.7 Manage Default Accounts on Enterprise Assets and Software.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.cis_controls_v8_ig1_4_7Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.cis_controls_v8_ig1_4_7 --shareControls
- IAM root user MFA should be enabled
- VPC security groups should restrict ingress SSH access from 0.0.0.0/0