IAM User Has Multiple Active Access Keys

Overview

Multiple access keys may indicate that a user account was compromised, or that the user has an old key in less secure storage. Access keys are long-term credentials for an IAM user or the AWS account 'root' user. You can use access keys to sign programmatic requests to the AWS CLI or AWS API. One of the best ways to protect your account is to not allow users to have multiple access keys.

Ensure there is only one active access key available for any single user. For all users check that there is only one active key used within the Security Credentials tab for each user within IAM.

Vendor

AWS

Cloud Service

IAM

CIS AWS v1.5.0 1.13, CIS3.AWS.1.13

References

https://www.cisecurity.org/benchmark/amazon_web_services/, https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html, https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_access-keys.html

Severity

Item Types

AWS::IAM::User

Overview​

Vendor​

Cloud Service​

Related Requirements​

Related Controls​

References​

Severity​

Item Types​