Aqua CSPM

AWS › IAM ›

Root Account Active Signing Certificates

Quick Info


Plugin Title	Root Account Active Signing Certificates
Cloud	AWS
Category	IAM
Description	Ensures the root user is not using x509 signing certificates
More Info	AWS supports using x509 signing certificates for API access, but these should not be attached to the root user, which has full access to the account.
AWS Link	https://docs.aws.amazon.com/whitepapers/latest/aws-overview-security-processes/x.509-certificates.html
Recommended Action	Delete the x509 certificates associated with the root account.

Detailed Remediation Steps

Cloud Security Posture Management (CSPM)

Scan, monitor and remediate configuration issues in public cloud accounts according to best practices and compliance standards, across AWS, Azure, Google Cloud, and Oracle Cloud.

Sign up for free

Aqua SaaS Plans

The fastest track to get started with Aqua

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2021 Aqua Security Software Ltd. Privacy Policy | Terms of Use