Loading controls...
Benchmark: IAM
Overview
This section contains recommendations for configuring AWS IAM resources and options.
Usage
Browse dashboards and select IAM:
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.foundational_security_iamSnapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.foundational_security_iamControls
- 1 IAM policies should not allow full '*' administrative privileges
- 2 IAM users should not have IAM policies attached
- 3 IAM users' access keys should be rotated every 90 days or less
- 4 IAM root user access key should not exist
- 5 MFA should be enabled for all IAM users that have a console password
- 6 Hardware MFA should be enabled for the root user
- 7 Password policies for IAM users should have strong configurations
- 8 Unused IAM user credentials should be removed
- 21 IAM customer managed policies that you create should not allow wildcard actions for services