⭐ Repository → 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 Identity and Access Management (IAM)

💼 [IAM.4] IAM root user access key should not exist

• ID: /frameworks/aws-fsbp-v1.0.0/iam/04

Description

The root user is the most privileged user in an AWS account. AWS access keys provide programmatic access to a given account.

Similar

• AWS Security Hub
  • https://docs.aws.amazon.com/securityhub/latest/userguide/iam-controls.html#iam-4
• Internal
  • ID: dec-c-cc5a37c2

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(1) Account Management _ Automated System Account Management		4	16		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-3(7) Access Enforcement _ Role-based Access Control			14		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control			11		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6 Least Privilege	10	23	49		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(2) Least Privilege _ Non-privileged Access for Nonsecurity Functions		4	4		no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-6(10) Least Privilege _ Prohibit Non-privileged Users from Executing Privileged Functions			2		no data
💼 PCI DSS v3.2.1 → 💼 2.1 Always change vendor-supplied defaults and remove or disable unnecessary default accounts before installing a system on the network.	1		8		no data
💼 PCI DSS v3.2.1 → 💼 2.2 Develop configuration standards for all system components. Assure that these standards address all known security vulnerabilities and are consistent with industry-accepted system hardening standards.	5	3	30		no data
💼 PCI DSS v3.2.1 → 💼 7.2.1 Coverage of all system components.			7		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account Root User has active access keys🟢	1	🟢 x6	no data

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0a7801fb	1