Ensure that all Amazon IAM users available in your AWS account are approved and trusted in order to protect your AWS cloud resources against unapproved access and meet compliance requirements within your organization. The list with the approved IAM users must be configured within the rule settings, on the Trend Micro Cloud One™ – Conformity account console.
This rule can help you with the following compliance standards:
- CISAWSF
- APRA
- MAS
- NIST4
For further details on compliance standards supported by Conformity, see here.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
You can explicitly specify the users that are allowed to access your AWS cloud services and resources and mark all other users as unapproved or unauthorized. To adhere to Amazon IAM security best practices, you can either remove the untrusted IAM users or safelist them after a complete compliance review.
Audit
To identify any unapproved Amazon IAM users available in your AWS account, perform the following actions:
Remediation / Resolution
To adhere to Amazon IAM security best practices and fulfill compliance requirements within your organization, you can either remove the unapproved IAM users or approve them by adding their user names in the conformity rule settings, depending on your requirements.
Case A: To remove the unapproved (unauthorized) IAM users from your AWS account, perform the following actions:Case B: If the selected unapproved Amazon IAM user is vital for your business, or you just want to mark it as compliant, add the selected user to the list of approved IAM users, defined in the rule settings, on your Trend Micro Cloud One™ – Conformity account console.
References
- AWS Documentation
- AWS IAM FAQs
- Managing IAM Users
- AWS Command Line Interface (CLI) Documentation
- iam
- list-users
- delete-login-profile
- delete-user
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Check that only safelisted IAM Users exist
Risk Level: Medium