IAM Root User Should Not Have Access Keys Rule

This rule specifies that the IAM root user should not have access keys, for security reasons.

Rule: IAM root user should not have access keys
Framework: GxP 21 CFR Part 11
Severity: Medium

Rule Description:

The rule states that the root user in IAM (Identity and Access Management) should not have any access keys for GxP (Good Practice) 21 CFR Part 11 compliance. This is to ensure the security and integrity of data in accordance with the regulatory requirements of GxP 21 CFR Part 11.

Troubleshooting Steps (if applicable):

No specific troubleshooting steps are required for this rule as it involves a preventive measure rather than a remedial action.

Necessary Codes (if applicable):

No specific code is required for this rule.

Step-by-step Guide for Remediation:

To ensure compliance with the rule that the IAM root user should not have access keys for GxP 21 CFR Part 11, follow these steps:

  1. Log in to the AWS Management Console using the root user credentials.
  2. Open the IAM service from the available services.
  3. In the IAM dashboard, click on "Users" from the left-hand side navigation menu.
  4. Locate the root user in the list of users and click on the username to access the user details.
  5. Under the "Security credentials" tab, you will see the "Access keys" section.
  6. Ensure that there are no access keys listed for the root user. If there are any keys present, proceed to step 7, otherwise, go to step 10.
  7. Click on the "Delete access key" button next to each access key listed.
  8. A confirmation dialog box will appear. Confirm the deletion by clicking on "Delete" to remove the access key.
  9. Repeat steps 7 and 8 for all access keys associated with the root user.
  10. Once all access keys have been removed, the IAM root user will no longer have access keys for GxP 21 CFR Part 11 compliance.

Note: It is essential to ensure that appropriate IAM policies and roles are in place to provide necessary access to trusted individual users or roles while adhering to GxP 21 CFR Part 11 compliance requirements.
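The check in step 6 can also be run against the IAM credential report, where the root user appears as the `<root_account>` row. The following is an added example, not part of the original rule page: it parses a report and returns a finding for each active root access key. The sample report, account ID and function names are constructed for illustration.

```python
import csv
import io

# Constructed sample in the IAM credential report CSV layout (columns trimmed
# to the ones this check reads); the account ID and dates are made up.
SAMPLE_REPORT = """\
user,arn,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
<root_account>,arn:aws:iam::111122223333:root,true,true,2021-03-04T10:15:00+00:00,2024-01-09T08:02:00+00:00,false,N/A,N/A
alice,arn:aws:iam::111122223333:user/alice,true,true,2023-11-01T09:00:00+00:00,2024-02-01T12:30:00+00:00,false,N/A,N/A
"""

ROOT_ROW = "<root_account>"  # name the credential report uses for the root user


def root_access_key_findings(report_csv):
    """Return one finding per active root access key in a credential report."""
    findings = []
    root_seen = False
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row.get("user") != ROOT_ROW:
            continue  # IAM users are out of scope for this rule
        root_seen = True
        for slot in ("1", "2"):  # an identity can hold at most two access keys
            active = (row.get(f"access_key_{slot}_active") or "").strip().lower()
            if active == "true":
                findings.append({
                    "arn": row.get("arn", ""),
                    "key_slot": int(slot),
                    "last_rotated": row.get(f"access_key_{slot}_last_rotated", "N/A"),
                    "last_used": row.get(f"access_key_{slot}_last_used_date", "N/A"),
                })
    if not root_seen:
        # A report without the root row is truncated or filtered: fail closed.
        raise ValueError("no <root_account> row in credential report")
    return findings


def is_compliant(report_csv):
    """True only when the root user has no active access key."""
    return not root_access_key_findings(report_csv)


if __name__ == "__main__":
    for f in root_access_key_findings(SAMPLE_REPORT):
        print(f"NON-COMPLIANT root key slot {f['key_slot']}: "
              f"last used {f['last_used']}, last rotated {f['last_rotated']}")
```

A real report is produced with `aws iam generate-credential-report` and downloaded with `aws iam get-credential-report`, which returns the CSV base64-encoded.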

Conclusion:

By following the above steps, you will successfully prevent the IAM root user from having access keys for GxP 21 CFR Part 11 compliance, ensuring the security and integrity of data in AWS. This compliance measure helps meet regulatory requirements and maintain a robust data protection framework.
