Ensure that the access to your AWS services and resources is made only through individual IAM users instead of the root account.
This rule can help you with the following compliance standards:
- NIST 800-53 (Rev. 4)
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Using individual IAM users (with specific set of permissions) to access your AWS environment will eliminate the risk of compromising your root account credentials. To protect your AWS root account and adhere to IAM security best practices, Cloud Conformity strongly recommends creating IAM users for everyday work with AWS in order to avoid using the root credentials.
To determine if there are any IAM users created in your AWS account, perform the following:
Remediation / Resolution
To create IAM users necessary for everyday access to your AWS account, perform the following:Note: As example, a new IAM user with administrative privileges will be created to eliminate the need for using the root account. However, it is recommended to create individual IAM users for all the different roles within your organization such as administrators, developers, security and compliance managers, etc.
- AWS Documentation
- AWS Identity and Access Management FAQs
- IAM Best Practices
- AWS Security Audit Guidelines
- Managing IAM Users
- Creating an IAM User in Your AWS Account
- AWS Command Line Interface (CLI) Documentation
- AWS Blog(s)
- Adhere to IAM Best Practices in 2016
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
You are auditing:
IAM User Present
Risk level: Medium