AWS > IAM >

IAM User Without Permissions

MEDIUM

Source

CloudSploit

ID

iam-user-without-permissions

management console

IAM User Without Permissions

Ensure that no IAM user exists without any permissions.

IAM users are created to perform any Console, CLI or API based operations on AWS cloud accounts. They are associated with policies that grant them permissions to perform required operations. An IAM user without any permission is a security risk, it is recommended to either add required permissions or delete them to adhere to compliance standards.

Recommended Actions

Modify IAM user and attach new permissions or delete the user.

Links

https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.

Copyright © 2024 Aqua Security Software Ltd. Privacy Policy | Terms of Use