Root Account Has Active Access Keys
- Query id: 4c137350-7307-4803-8c04-17c09a7a9fcf
- Query name: Root Account Has Active Access Keys
- Platform: CloudFormation
- Severity: High
- Category: Insecure Configurations
- CWE: 710
- URL: Github
Description
The AWS root account must not have active access keys. If any access keys are associated with the root account, they must be inactive.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  CFNKeys:
    Type: AWS::IAM::AccessKey
    Properties:
      UserName: Root
Positive test num. 2 - json file
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "CFNKeys": {
      "Type": "AWS::IAM::AccessKey",
      "Properties": {
        "UserName": "Root"
      }
    }
  }
}
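A minimal static check for the condition described above, written for this page as an added example (it is not the query's own source). It assumes a JSON template, a case-insensitive exact match on the user name `root`, and that an omitted `Status` property means the key is created active; the sample template and the function name `find_active_root_keys` are constructed for illustration.

```python
import json

# Constructed sample template: two failing resources, one passing, one unresolvable.
SAMPLE_TEMPLATE = json.dumps({
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "RootKeyDefault": {"Type": "AWS::IAM::AccessKey",
                           "Properties": {"UserName": "Root"}},
        "RootKeyActive": {"Type": "AWS::IAM::AccessKey",
                          "Properties": {"UserName": "root", "Status": "Active"}},
        "RootKeyInactive": {"Type": "AWS::IAM::AccessKey",
                            "Properties": {"UserName": "Root", "Status": "Inactive"}},
        "AppKey": {"Type": "AWS::IAM::AccessKey",
                   "Properties": {"UserName": {"Ref": "AppUser"}}},
    },
})


def find_active_root_keys(template_text):
    """Return sorted logical IDs of root-user access keys that are not Inactive."""
    template = json.loads(template_text)
    findings = []
    for logical_id, resource in (template.get("Resources") or {}).items():
        if not isinstance(resource, dict):
            continue
        if resource.get("Type") != "AWS::IAM::AccessKey":
            continue
        props = resource.get("Properties") or {}
        user = props.get("UserName")
        # UserName may be an intrinsic function such as {"Ref": ...}; that cannot
        # be resolved statically, so only literal strings are compared.
        if not isinstance(user, str) or user.lower() != "root":
            continue
        # Assumption: with no Status property the key is created active.
        if props.get("Status", "Active") != "Inactive":
            findings.append(logical_id)
    return sorted(findings)


if __name__ == "__main__":
    for name in find_active_root_keys(SAMPLE_TEMPLATE):
        print(f"FAIL {name}: root access key is not Inactive")
```

Setting `Status: Inactive` on the resource, or removing the resource entirely, clears the finding.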