IAM Access Key Is Exposed
- Query id: 7081f85c-b94d-40fd-8b45-a4f1cac75e46
- Query name: IAM Access Key Is Exposed
- Platform: Terraform
- Severity: Medium
- Category: Access Control
- CWE: 200
- URL: Github
Description¶
IAM Access Key should not be active for root users
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - tf file
resource "aws_iam_access_key" "positive1" {
user = "root"
status = "Active"
}
resource "aws_iam_access_key" "positive2" {
user = "root"
}