turbot/ibm_compliance

Control: 1.15 Minimize the number of Service IDs with admin privileges in the account

Description

Comply with the principle of granting least privilege by using Access Groups to manage admin privileges and by avoiding the use of many Service IDs with Administrative Privileges.

Remediation

From Console

  1. Log in to IBM Cloud.
  2. From the Menu bar, click Manage > Access (IAM).
  3. Click Service IDs and select a Service ID by clicking on the Service ID name.
  4. Click on the Access Policies tab.
  5. View the access policies assigned to the Service ID to verify whether it has the Administrator role assigned.
  6. If there are many such Service IDs with Administrative privileges, remove the Administrative privilege or remove that Service ID from the list of Service IDs.
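
Steps 3 to 5 have to be repeated for every Service ID, so the same check can be run over an export of the account's access policies. The following Python sketch is an added example, not part of the ibm_compliance mod: it assumes policies in the IAM Policy Management v1 JSON shape (subjects, roles, resources), runs on constructed sample data, and treats max_admins as a locally chosen threshold, not a value from the benchmark.

```python
from collections import defaultdict

ADMIN_ROLE = "crn:v1:bluemix:public:iam::::role:Administrator"
VIEWER_ROLE = "crn:v1:bluemix:public:iam::::role:Viewer"


def _policy(subject_attr, subject, role, **scope):
    # Hypothetical helper: builds one constructed policy in the assumed JSON shape.
    attrs = [{"name": "accountId", "value": "acct-placeholder"}]
    attrs += [{"name": k, "value": v} for k, v in scope.items()]
    return {"type": "access",
            "subjects": [{"attributes": [{"name": subject_attr, "value": subject}]}],
            "roles": [{"role_id": role}],
            "resources": [{"attributes": attrs}]}


# Constructed sample data, not output from a real account.
SAMPLE_POLICIES = [
    _policy("iam_id", "iam-ServiceId-aaaa", ADMIN_ROLE),
    _policy("iam_id", "iam-ServiceId-bbbb", ADMIN_ROLE, serviceName="cloud-object-storage"),
    _policy("iam_id", "iam-ServiceId-cccc", VIEWER_ROLE),
    _policy("iam_id", "IBMid-constructed01", ADMIN_ROLE),            # a user, ignored
    _policy("access_group_id", "AccessGroupId-constructed", ADMIN_ROLE),  # a group, ignored
]


def admin_service_ids(policies):
    """Map each Service ID to the scopes in which it holds the Administrator role."""
    found = defaultdict(list)
    for policy in policies:
        if not any(r.get("role_id") == ADMIN_ROLE for r in policy.get("roles", [])):
            continue
        scope = sorted(f"{a['name']}={a['value']}"
                       for res in policy.get("resources", [])
                       for a in res.get("attributes", [])
                       if a["name"] != "accountId") or ["unscoped"]
        for subject in policy.get("subjects", []):
            for attr in subject.get("attributes", []):
                if attr["name"] == "iam_id" and attr["value"].startswith("iam-ServiceId-"):
                    found[attr["value"]].append(", ".join(scope))
    return dict(found)


def review(policies, max_admins=1):
    """Return (admins, within_threshold) for the given policy list."""
    admins = admin_service_ids(policies)
    return admins, len(admins) <= max_admins


if __name__ == "__main__":
    admins, ok = review(SAMPLE_POLICIES)
    for sid, scopes in sorted(admins.items()):
        print(sid, "->", "; ".join(scopes))
    print("within threshold" if ok else "review: too many admin Service IDs")
```

Service IDs reported as "unscoped" hold Administrator with no resource attribute narrowing the policy beyond the account, so they are the first candidates for step 6.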

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_1_15

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_1_15 --share

SQL

This control uses a named query:

manual_control
