v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: 4 IAM root user access key should not exist

Description

This control checks whether user access keys exist for the root user.

Remediation

To delete access keys

  1. Log in to your account using the root user credentials.
  2. Choose the account name near the top-right corner of the page and then choose My Security Credentials.
  3. In the pop-up warning, choose Continue to Security Credentials.
  4. Choose Access keys (access key ID and secret access key).
  5. To permanently delete the key, choose Delete and then choose Yes. You cannot recover deleted keys.
  6. If there is more than one root user access key, then repeat steps 4 and 5 for each key.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.foundational_security_iam_4

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.foundational_security_iam_4 --share

SQL

This control uses a named query:

iam_root_user_no_access_keys

Tags

aws_foundational_security = true
category = Compliance
foundational_security_category = secure_access_management
foundational_security_item_id = iam_4
plugin = aws
service = AWS/IAM