aws_compliance

AWS Compliance

Access to systems and assets can be controlled by checking that the root user does not have access keys attached to their AWS Identity and Access Management (IAM) role.

iam_root_user_no_access_keys

article_25

Article 25 Data protection by design and by default

cisa_cyber_essentials_your_surroundings_3

Your Surroundings-3

cisa_cyber_essentials_your_systems_3

Your Systems-3

fedramp_low_rev_4_ac_2

Account Management (AC-2)

fedramp_low_rev_4_ac_3

Access Enforcement (AC-3)

fedramp_low_rev_4_ia_2

Identification and Authentication (Organizational users) (IA-2)

fedramp_moderate_rev_4_ac_2_1

AC-2(1) Automated System Account Management

fedramp_moderate_rev_4_ac_2_f

AC-2(f)

fedramp_moderate_rev_4_ac_2_j

AC-2(j)

fedramp_moderate_rev_4_ac_3

fedramp_moderate_rev_4_ac_5_c

AC-5(c)

fedramp_moderate_rev_4_ac_6

Least Privilege (AC-6)

fedramp_moderate_rev_4_ac_6_10

AC-6(10) Prohibit Non-Privileged Users From Executing Privileged Functions

fedramp_moderate_rev_4_ia_2

ffiec_d_3_pc_am_b_1

D3.PC.Am.B.1

ffiec_d_3_pc_am_b_3

D3.PC.Am.B.3

ffiec_d_3_pc_am_b_8

D3.PC.Am.B.8

gxp_21_cfr_part_11_11_10_d

11.10(d)

gxp_21_cfr_part_11_11_10_g

11.10(g)

gxp_21_cfr_part_11_11_200

11.200 Electronic signature components and controls

hipaa_164_308_a_1_ii_b

164.308(a)(1)(ii)(B) Risk Management

hipaa_164_308_a_3_i

164.308(a)(3)(i) Workforce security

hipaa_164_308_a_3_ii_b

164.308(a)(3)(ii)(B) Workforce clearance procedure

hipaa_164_308_a_4_ii_c

164.308(a)(4)(ii)(C) Access establishment and modification

hipaa_164_312_a_2_i

164.312(a)(2)(i) Unique user identification

nist_800_171_rev_2_3_1_1

3.1.1 Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems)

nist_800_171_rev_2_3_1_2

3.1.2 Limit system access to the types of transactions and functions that authorized users are permitted to execute

nist_800_171_rev_2_3_1_4

3.1.4 Separate the duties of individuals to reduce the risk of malevolent activity without collusion

nist_800_171_rev_2_3_1_5

3.1.5 Employ the principle of least privilege, including for specific security functions and privileged accounts

nist_800_171_rev_2_3_1_6

3.1.6 Use non-privileged accounts or roles when accessing nonsecurity functions

nist_800_171_rev_2_3_1_7

3.1.7 Prevent non-privileged users from executing privileged functions and capture the execution of such functions in audit logs

nist_800_171_rev_2_3_4_6

3.4.6 Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities

nist_800_53_rev_4_ac_2

nist_800_53_rev_4_ac_3

nist_800_53_rev_4_ac_6

nist_800_53_rev_4_ac_6_10

nist_800_53_rev_5_ac_24

Access Control Decisions (AC-24)

nist_800_53_rev_5_ac_2_1

nist_800_53_rev_5_ac_2_6

AC-2(6) Dynamic Privilege Management

nist_800_53_rev_5_ac_3_12_a

AC-3(12)(a)

nist_800_53_rev_5_ac_3_13

AC-3(13) Attribute-Based Access Control

nist_800_53_rev_5_ac_3_15_a

AC-3(15)(a)

nist_800_53_rev_5_ac_3_15_b

AC-3(15)(b)

nist_800_53_rev_5_ac_3_3

AC-3(3) Mandatory Access Control

nist_800_53_rev_5_ac_3_3_a

AC-3(3)(a)

nist_800_53_rev_5_ac_3_3_b_1

AC-3(3)(b)(1)

nist_800_53_rev_5_ac_3_3_b_2

AC-3(3)(b)(2)

nist_800_53_rev_5_ac_3_3_b_3

AC-3(3)(b)(3)

nist_800_53_rev_5_ac_3_3_b_4

AC-3(3)(b)(4)

nist_800_53_rev_5_ac_3_3_b_5

AC-3(3)(b)(5)

nist_800_53_rev_5_ac_3_3_c

AC-3(3)(c)

nist_800_53_rev_5_ac_3_4

AC-3(4) Discretionary Access Control

nist_800_53_rev_5_ac_3_4_a

AC-3(4)(a)

nist_800_53_rev_5_ac_3_4_b

AC-3(4)(b)

nist_800_53_rev_5_ac_3_4_c

AC-3(4)(c)

nist_800_53_rev_5_ac_3_4_d

AC-3(4)(d)

nist_800_53_rev_5_ac_3_4_e

AC-3(4)(e)

nist_800_53_rev_5_ac_3_7

AC-3(7) Role-Based Access Control

nist_800_53_rev_5_ac_3_8

AC-3(8) Revocation Of Access Authorizations

nist_800_53_rev_5_ac_4_28

AC-4(28) Linear Filter Pipelines

nist_800_53_rev_5_ac_6

nist_800_53_rev_5_ac_6_10

AC-6(10)

nist_800_53_rev_5_ac_6_2

AC-6(2)

nist_800_53_rev_5_cm_5_1_a

CM-5(1)(a)

nist_800_53_rev_5_cm_6_a

CM-6(a)

nist_800_53_rev_5_cm_9_b

CM-9(b)

nist_800_53_rev_5_ia_2

nist_800_53_rev_5_ia_4_4

IA-4(4)

nist_800_53_rev_5_ia_4_8

IA-4(8)

nist_800_53_rev_5_ia_4_b

IA-4(b)

nist_800_53_rev_5_ia_5_8

IA-5(8) Multiple System Accounts

nist_800_53_rev_5_mp_2

Media Access (MP-2)

nist_800_53_rev_5_sc_23_3

SC-23(3) Unique System-Generated Session Identifiers

nist_800_53_rev_5_sc_25

Thin Nodes (SC-25)

nist_csf_pr_ac_1

PR.AC-1

nist_csf_pr_ac_4

PR.AC-4

nist_csf_pr_pt_3

PR.PT-3

rbi_cyber_security_annex_i_7_1

Annex I (7.1)

IAM root user should not have access keys

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Control: IAM root user should not have access keys

Description

Usage

SQL

Tags

Steampipe

Resources

Community