AWS_IAM_28

Ensure there are no IAM users with both a password and access keys

Description

Ensure that existing IAM users are used either for API access or for console access, not both, in order to reduce the risk of unauthorized access in case their credentials (access keys or passwords) are compromised.

Remediation

Case A: To modify the access configuration by disabling the authentication via access keys for the required IAM users, perform the following:

1. Log in to the AWS Management Console.

2. Go to the IAM dashboard.

3. In the left navigation panel, select Users.

4. Click on the IAM user that you want to modify.

5. On the IAM user configuration page, select the Security Credentials tab.

6. Inside the Access Keys section, identify any access keys (see Audit section) and remove them by clicking the Delete link accessible in the Actions column.

7. In the Delete Access Key confirmation box, click Delete to remove the selected key.

 

Case B: To modify the access configuration by disabling the authentication via passwords for the required IAM users, perform the following:

1. Log in to the AWS Management Console.

2. Navigate to the IAM dashboard.

3. In the left navigation panel, select Users.

4. Click on the IAM user that you want to modify.

5. On the IAM user configuration page, select the Security Credentials tab.

6. Inside the Sign-In Credentials section, click the Manage Passwords button to access the password configuration page.

7. On the Manage Password configuration page, select Remove existing password and uncheck the Require user to create a new password at next sign-in option.

8. Click Apply to disable the authentication via password for the selected user. The Password configuration status should change to No.
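One way to find the users this rule targets, as an added example that is not part of the original policy page: parse the IAM credential report and flag every user that has a console password and at least one active access key. The sample report is constructed, and the Case A / Case B hint derived from the last-used columns is an assumption of this example, not part of the rule.

```python
import csv
import io

# Constructed sample in the IAM credential report CSV layout (columns trimmed).
# A real report comes from `aws iam generate-credential-report` followed by
# `aws iam get-credential-report --query Content --output text | base64 -d`.
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_used,access_key_1_active,access_key_1_last_used_date,access_key_2_active,access_key_2_last_used_date
<root_account>,arn:aws:iam::111122223333:root,not_supported,2024-01-02T10:00:00+00:00,false,N/A,false,N/A
alice,arn:aws:iam::111122223333:user/alice,true,2024-05-01T08:30:00+00:00,false,N/A,false,N/A
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,true,no_information,true,2024-05-03T12:00:00+00:00,false,N/A
bob,arn:aws:iam::111122223333:user/bob,true,2024-04-20T09:00:00+00:00,false,N/A,true,N/A
carol,arn:aws:iam::111122223333:user/carol,true,2024-05-02T09:00:00+00:00,true,2024-05-02T10:00:00+00:00,false,N/A
svc-backup,arn:aws:iam::111122223333:user/svc-backup,false,N/A,true,2024-05-03T01:00:00+00:00,false,N/A
"""

# Report values meaning "this credential has no recorded use".
NEVER_USED = {"N/A", "no_information", ""}


def find_dual_credential_users(report_csv):
    """Return a finding for every IAM user with a password AND an active access key."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["password_enabled"] != "true":
            continue  # no console password (root reports "not_supported")
        active = [n for n in ("1", "2") if row[f"access_key_{n}_active"] == "true"]
        if not active:
            continue  # console-only user, compliant
        password_used = row["password_last_used"] not in NEVER_USED
        key_used = any(row[f"access_key_{n}_last_used_date"] not in NEVER_USED for n in active)
        # Heuristic (assumption of this example): drop the credential never used.
        if password_used and not key_used:
            hint = "Case A: delete access keys"
        elif key_used and not password_used:
            hint = "Case B: remove password"
        else:
            hint = "review with owner"
        findings.append({"user": row["user"], "active_keys": active, "hint": hint})
    return findings


if __name__ == "__main__":
    for f in find_dual_credential_users(SAMPLE_REPORT):
        print(f"{f['user']}: active key(s) {','.join(f['active_keys'])} -> {f['hint']}")
```
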

Service

IAM

Severity

Medium

Compliance

Mapping
