iam_schema_managed_access_enablediam_user_at_least_two_users_with_accountadmin_roleiam_user_default_role_is_setiam_user_default_role_must_not_be_accountadminiam_user_with_accountadmin_role_have_emailiam_user_with_built_in_duo_mfa_enablediam_user_without_accountadmin_role_password_not_setmanual_controlmonitoring_user_password_rotated_regularlynetwork_policy_allowed_list_setnetwork_policy_blocked_list_set
Query: iam_user_default_role_must_not_be_accountadmin
Usage
steampipe query snowflake_compliance.query.iam_user_default_role_must_not_be_accountadminPlugins & Tables
SQL
select name as resource, case when default_role = 'ACCOUNTADMIN' then 'alarm' else 'ok' end as status, name || ' default_role is ' || default_role || '.' as reason, accountfrom snowflake_user;Controls
The query is being used by the following controls: