standard
turbot/aws_compliance

Trigger: Detect & correct IAM root users with access keys

Detects IAM root users with access keys.

Query

select
concat('<root_account>', ' [', account_id, ']') as title,
(account_access_keys_present) :: text as account_access_keys_present,
sp_connection_name as conn
from
aws_iam_account_summary
where
account_access_keys_present > 0;

Schedule

15m

Tags

category = Compliance
mod = aws
service = AWS/IAM