This rule ensures that IAM groups have at least one user assigned to them.
Rule | IAM groups should have at least one user |
Framework | GxP 21 CFR Part 11 |
Severity | ✔ High |
IAM Group User Requirement for GxP 21 CFR Part 11 Compliance
Description:
To comply with the requirements of GxP 21 CFR Part 11, IAM (Identity and Access Management) groups should have at least one user assigned to them. This ensures proper accountability, traceability, and control over sensitive data and system operations.
Troubleshooting Steps:
If you encounter issues related to compliance with this rule, follow these troubleshooting steps:
Remediation Steps:
To remediate the non-compliance with this rule, follow these steps:
Recommended CLI Commands (if applicable):
aws iam list-groups
aws iam get-group --group-name <group-name>
aws iam add-user-to-group --user-name <user-name> --group-name <group-name>
aws iam create-user --user-name <user-name>
Note: Replace
<group-name>
with the name of the IAM group and <user-name>
with the desired username.By following these steps and using the mentioned CLI commands where applicable, you can ensure compliance with the IAM group user requirement for GxP 21 CFR Part 11.