Vulnerabilities
Misconfiguration
Compliance
AWS > IAM >

IAM User Admins

HIGH
Source
CloudSploit
ID
iam-user-admins
management console

IAM User Admins

Ensures the number of IAM admins in the account are minimized

While at least two IAM admin users should be configured, the total number of admins should be kept to a minimum.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log in to the AWS Management Console.

  2. Select the “Services” option and search for IAM. Step

  3. In the left navigation panel, select “Users” under “Access management”.Step

  4. Click on the User name of the IAM user that you want to inspect.Step

  5. Scroll down and click the “Permissions” tab and check if the user has “AdministratorAccess” under Policy name then the user has administrator privileges.Step

  6. Ensure that the user is authorised for administrative operations. If not then remove “AdministratorAccess” permission by clicking on the cross(x) on the extreme right column.Step

  7. On the Detach Policy pop up click on “Detach” button to detach the AdministratorAccess policy from the user.Step

  8. Repeat steps 4-7 for all other IAM users. There should be minimal number of users with AdministratorAccess policy.

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2025 Aqua Security Software Ltd.   Privacy Policy | Terms of Use