Cloud Defense Logo

Products

Solutions

Company

Book A Live Demo

IAM Users in at Least One Group Rule

Ensure all IAM users are assigned to at least one group for better access control and security measures.

RuleIAM users should be in at least one group
FrameworkNIST Cybersecurity Framework (CSF) v1.1
Severity
High

Rule Description:

According to the NIST Cybersecurity Framework (CSF) v1, all IAM (Identity and Access Management) users should be assigned to at least one group. This rule ensures that users have appropriate access controls and adhere to security best practices.

Troubleshooting Steps:

If an IAM user is not assigned to any group, it indicates a potential security vulnerability and should be addressed immediately. Follow the steps below to troubleshoot and remediate this issue:

  1. 1.

    Log in to the AWS Management Console and navigate to the IAM service.

  2. 2.

    Click on "Users" in the left-hand navigation menu.

  3. 3.

    Review the list of IAM users and identify the user(s) who are not assigned to any group.

  4. 4.

    Select the user(s) and click on "Add user to group" from the "User actions" dropdown menu.

  5. 5.

    Choose an appropriate group from the list or create a new group if necessary.

  6. 6.

    Click on "Add to group" to assign the user to the selected group.

  7. 7.

    Repeat the process for any additional users who are not assigned to any group.

  8. 8.

    Once all users are assigned to at least one group, the rule has been remediated.

Recommended Code:

If you prefer to use AWS CLI commands for remediating the rule, you can utilize the following code:

# Assigning an IAM user to a group
aws iam add-user-to-group --group-name <group-name> --user-name <user-name>

Make sure to replace

<group-name>
with the name of the group you want to assign the user to and
<user-name>
with the username of the IAM user.

Remediation Steps:

Follow the step-by-step guide below to remediate the rule violation:

  1. 1.

    Open the AWS Management Console and access the IAM service.

  2. 2.

    Navigate to the "Users" section from the left-hand menu.

  3. 3.

    Identify the IAM user(s) who are not part of any group.

  4. 4.

    Select the user(s) by checking the checkbox next to their name.

  5. 5.

    Click on the "Add user to group" button located above the user list.

  6. 6.

    Choose the appropriate group from the drop-down menu or click on the "Create group" button to create a new group.

  7. 7.

    Assign the selected user(s) to the chosen group by clicking on the "Add to group" button.

  8. 8.

    Repeat steps 4 to 7 for any additional users without group assignments.

  9. 9.

    Verify that all IAM users are now assigned to at least one group.

  10. 10.

    The remediation process is complete, and the rule has been enforced successfully.

By following the above steps, you have ensured that all IAM users adhere to the NIST Cybersecurity Framework (CSF) v1 policy by being assigned to at least one group.

Is your System Free of Underlying Vulnerabilities?
Find Out Now