UNKNOWN
Source
CloudSploit
ID
access-keys-extra

Access Keys Extra

Detects the use of more than one access key by any single user

Having more than one access key for a single user increases the chance of accidental exposure. Each account should only have one key that defines the users permissions.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the AWS Management Console.

  2. Select the “Services” option and search for IAM. Step

  3. Scroll down the left navigation panel and choose “Users”. Step

  4. Select the “User” that needs to be verified and click on the “User name” to access the selected “IAM User”.Step

  5. Click on the “Security Credentials” under the configuration page.Step

  6. Scroll down and under “Security Credentials” check the number of “Access Key ID”. If there are more than “One Access Key ID” for the selected user than it increases the chance of accidental exposure.Step

  7. Repeat the steps number 4 - 6 to check the “Access Keys” for another user.

  8. To remove the extra “Access Key” click on “Security Credentials” under IAM user configuration page and select the “Access Key ID” which needs to be removed.Step

  9. Click on the cross(×) symbol at the extreme right to remove the selected key. Step

  10. Click on “Delete” button under “Delete access key” tab to delete the extra “Access Key”.Step