Root Account Has Active Access Keys
- Query id: e71d0bc7-d9e8-4e6e-ae90-0a4206db6f40
- Query name: Root Account Has Active Access Keys
- Platform: Ansible
- Severity: High
- Category: Insecure Configurations
- CWE: 710
- URL: Github
Description
The AWS root account must not have active access keys. If any access keys are associated with the root account, they must be inactive.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
# This is problematic code for which the query should report a result
- name: Create two new IAM users with API keys
  community.aws.iam:
    iam_type: user
    name: "{{ root }}"
    state: present
    password: "{{ temp_pass }}"
    access_key_state: active
  loop:
    - jcleese
    - mpython
Code samples without security vulnerabilities
Negative test num. 1 - yaml file
# This is correct code for which the query should not find any result
- name: Create two new IAM users with API keys
  community.aws.iam:
    iam_type: user
    name: '{{ root }}'
    state: present
    password: '{{ temp_pass }}'
    access_key_state: inactive
  loop:
    - jcleese
    - mpython
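The difference between the two samples above can be checked mechanically. The following Python sketch is an added example, not the KICS query or code from the project; it assumes the root account is recognised by "root" appearing in the task's name field, and its function names and sample tasks are constructed here.

```python
# Simplified stand-in for the rule's check (added example, not the KICS query).
# Tasks are plain dicts, i.e. what a YAML loader returns for a playbook's task list.
IAM_MODULES = ("community.aws.iam", "iam")  # FQCN and short module name


def iter_tasks(tasks):
    """Yield every task, descending into block/rescue/always sections."""
    for task in tasks:
        yield task
        for section in ("block", "rescue", "always"):
            yield from iter_tasks(task.get(section) or [])


def root_key_findings(tasks):
    """Return names of tasks that leave an access key active on a root-named user."""
    findings = []
    for task in iter_tasks(tasks):
        for module in IAM_MODULES:
            args = task.get(module)
            if not isinstance(args, dict):
                continue
            # Assumption: the root account is recognised by "root" in the name field.
            is_root = "root" in str(args.get("name", "")).lower()
            is_user = args.get("iam_type") == "user"
            removed = str(args.get("state", "present")).lower() == "absent"
            key_active = str(args.get("access_key_state", "")).lower() == "active"
            if is_user and is_root and key_active and not removed:
                findings.append(task.get("name", "<unnamed task>"))
    return findings


def make_task(key_state, label):
    """Constructed sample mirroring the page's test files."""
    return {
        "name": label,
        "community.aws.iam": {
            "iam_type": "user",
            "name": "{{ root }}",
            "state": "present",
            "password": "{{ temp_pass }}",
            "access_key_state": key_state,
        },
        "loop": ["jcleese", "mpython"],
    }


POSITIVE = [make_task("active", "positive sample")]
NEGATIVE = [make_task("inactive", "negative sample")]
NESTED = [{"name": "wrapper", "block": [make_task("Active", "nested sample")]}]
```

The nested case shows why a check of this kind has to walk block sections and compare the key state case-insensitively.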