Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

IAM Root User Should Not Have Access Keys Rule

This rule states that the IAM root user should not have access keys for better security measures.

RuleIAM root user should not have access keys
FrameworkFedRAMP Moderate Revision 4
Severity
Medium

Rule Description:

The IAM (Identity and Access Management) root user should not have access keys for FedRAMP (Federal Risk and Authorization Management Program) Moderate Revision 4. Access keys provide programmatic access to AWS services and resources. Disabling access keys for the root user is a security best practice as it reduces the risk of unauthorized access and potential security breaches.

Remediation Steps:

To remediate this rule, you need to follow the steps below:

Step 1: Log in to the AWS Management Console

Use your AWS root account credentials to log in to the AWS Management Console.

Step 2: Navigate to the IAM service

Click on "Services" in the top navigation menu, search for "IAM" in the search bar, and click on "IAM" from the search results.

Step 3: Access the IAM Users page

In the IAM console, click on "Users" in the left-hand navigation menu to access the IAM Users page.

Step 4: Disable access keys for the root user

  • Find the root user in the list of users and click on it.
  • Click on the "Security credentials" tab.
  • In the "Access keys" section, check if there are any access keys present.
  • If there are access keys listed, select the key(s) and click on "Delete access key" from the "Actions" drop-down menu. Confirm the deletion when prompted.

Step 5: Validate the remediation

  • Refresh the page to ensure that the access keys for the root user have been successfully deleted.
  • Check that there are no access keys displayed for the root user.

Troubleshooting:

If there are any issues or errors encountered during the remediation process, follow these troubleshooting steps:

Issue: Unable to access the IAM service

  • Ensure that you are logged in to the AWS Management Console with the correct root account credentials.
  • Check if the IAM service is accessible by trying to access other services to ensure it is not a broader issue.
  • If the issue persists, contact AWS support for further assistance.

Issue: Unable to find the root user in the IAM Users page

  • Double-check that you are accessing the IAM Users page and searching for the root user correctly.
  • Verify that you have the necessary permissions to view and manage IAM users. You might need to consult with your AWS account administrator.
  • If the issue persists, consult AWS documentation or contact AWS support for guidance.

Issue: Unable to delete access keys for the root user

  • Confirm that you have selected the correct access key(s) that belong to the root user.
  • Check if you have the necessary permissions to delete access keys for IAM users. Ensure that you have the required IAM policy attached to your user.
  • If the issue persists, consult AWS documentation or contact AWS support for further assistance.

Conclusion:

Disabling access keys for the IAM root user eliminates the risk of unauthorized access and enhances the overall security of your AWS environment, aligning with the FedRAMP Moderate Revision 4 requirements. By following the remediation steps and troubleshooting if necessary, you can ensure that the IAM root user does not have any access keys associated with it.

Is your System Free of Underlying Vulnerabilities?
Find Out Now