IAM Root User No Access Keys Rule
This rule ensures the IAM root user does not have access keys for enhanced security.
| Rule | IAM root user should not have access keys |
| Framework | NIST 800-53 Revision 5 |
| Severity | ✔ Medium |
Rule Description:
IAM root user should not have access keys for NIST 800-53 Revision 5.
Access keys are long-term credentials used by AWS Identity and Access Management (IAM) users or AWS services to make programmatic calls to AWS services.
In order to comply with NIST 800-53 Revision 5, it is recommended to disable access keys for the root user. The root user is highly privileged and has unrestricted access to all resources in an AWS account, and hence should not be using access keys for security reasons.
Troubleshooting Steps (if any):
No specific troubleshooting steps are required for this rule.
Necessary Code (if any):
No specific code is required for this rule.
Remediation:
Step 1:
- 1.Login to the AWS Management Console with the root user credentials.
Step 2:
- 1.Open the IAM service by searching for "IAM" in the AWS Management Console search bar and selecting "IAM" from the results.
Step 3:
- 1.In the left navigation menu, click on "Users".
Step 4:
- 1.In the list of users, locate and select the root user.
Step 5:
- 1.On the "Summary" tab, scroll down to the "Security credentials" section.
Step 6:
- 1.Under "Access keys", if any access keys are listed, select the access key and click on the "Delete" button.
Step 7:
- 1.A confirmation prompt will appear, click on "Yes, delete" to confirm the deletion.
Step 8:
- 1.Verify that no access keys are listed under the "Access keys" section for the root user.
Conclusion:
By following the above steps, you can ensure that the IAM root user does not have access keys, thus complying with the NIST 800-53 Revision 5 policy. This helps to enhance the overall security posture of your AWS account.