turbot/alicloud_compliance

Control: 1.2 Ensure no root account access key exists

Description

Access keys provide programmatic access to a given Alibaba Cloud account. It is recommended that all access keys associated with the root account be removed.

Remediation

From Console

Perform the following to delete or disable active root access keys:

  1. Logon to RAM console by using your Alibaba Cloud account (root account).
  2. Move the pointer over the account icon in the upper-right corner and click AccessKey.
  3. Click Continue to manage AccessKey.
  4. On the Security Management page, find the target access keys and perform the following operations:
    • Click Disable to disable the target access keys temporarily.
    • Click Delete to delete the target access keys permanently.

Usage

steampipe check alicloud_compliance.control.cis_v100_1_2

SQL

This control uses a named query:

ram_root_account_no_access_keys

Tags