AWS IAM Root Access Key Audit SOC2 Compliance

This runbook involves auditing the AWS account to check if the root user has any active access keys. It's essential to ensure root access keys are not used, as they provide unrestricted access to all resources in the AWS account. The audit aims to enhance security by verifying that no root access keys exist, aligning with best practices for AWS account management.

  1. Check whether the AWS root user has access keys

    This task involves verifying the presence of access keys for the AWS root user. It is critical for security to ensure that the root user, which has extensive privileges, does not have active access keys, thereby reducing the risk of unauthorized access and potential security breaches in the AWS environment.

    import boto3
    from botocore.exceptions import ClientError, BotoCoreError

    # _get_creds() and cred_label are supplied by the runbook environment
    # (not defined in this snippet); they return the stored AWS credential pair.
    creds = _get_creds(cred_label)['creds']
    access_key = creds['username']
    secret_key = creds['password']

    # Create a boto3 client for IAM
    iam_client = boto3.client('iam',
                              aws_access_key_id=access_key,
                              aws_secret_access_key=secret_key)

    try:
        # Retrieve the AWS account's details
        account_summary = iam_client.get_account_summary()
        # Check if any access keys exist for the root user
        root_access_keys = account_summary['SummaryMap'].get('AccountAccessKeysPresent', 0)
        if root_access_keys == 0:
            print("Compliant: No access keys found for the root user.")
        else:
            print("Non-compliant: Access keys found for the root user.")
    except ClientError as e:
        print(f"AWS client error occurred: {e}")
    except BotoCoreError as e:
        print(f"Boto core error occurred: {e}")
    except Exception as e:
        print(f"An unexpected error occurred: {e}")
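The following is an added example, not code from the original runbook or its platform. It separates the root-access-key check into a pure evaluation function that can be exercised offline against constructed SummaryMap dictionaries, and a thin fetch wrapper around IAM GetAccountSummary. Unlike the snippet above, it reports a missing AccountAccessKeysPresent field as "unknown" rather than defaulting it to 0, so an unexpected response shape cannot silently pass the audit. The function names, the use of the default boto3 credential chain instead of the platform's _get_creds() helper, and the sample SummaryMaps are assumptions made for this example.

```python
# Added example (not part of the original runbook): root access-key audit
# split into an offline-testable evaluator plus an IAM fetch wrapper.
from typing import Any, Dict

# Real SummaryMap field returned by IAM GetAccountSummary; non-zero means the
# root user has at least one access key.
ROOT_KEYS_FIELD = "AccountAccessKeysPresent"


def evaluate_root_access_keys(summary_map: Dict[str, int]) -> Dict[str, Any]:
    """Classify a SummaryMap as compliant, non-compliant or unknown.

    A missing field is reported as "unknown" instead of being treated as 0,
    so a truncated or unexpected response never reads as a passing result.
    """
    value = summary_map.get(ROOT_KEYS_FIELD)
    if value is None:
        return {"status": "unknown",
                "detail": f"{ROOT_KEYS_FIELD} absent from SummaryMap; cannot verify"}
    if value == 0:
        return {"status": "compliant",
                "detail": "No access keys found for the root user."}
    return {"status": "non-compliant",
            "detail": f"Access keys found for the root user ({ROOT_KEYS_FIELD}={value})."}


def fetch_root_access_key_status(session=None) -> Dict[str, Any]:
    """Call IAM GetAccountSummary and evaluate the result.

    Assumes the caller's credentials (default boto3 chain, or the session
    passed in) are allowed iam:GetAccountSummary. boto3 is imported inside
    the function so evaluate_root_access_keys() stays usable without it.
    """
    import boto3
    from botocore.exceptions import BotoCoreError, ClientError

    iam = (session or boto3.Session()).client("iam")
    try:
        summary = iam.get_account_summary()["SummaryMap"]
    except ClientError as exc:
        # Surface the AWS error code (e.g. AccessDenied) as an audit error,
        # not as a compliance verdict.
        code = exc.response.get("Error", {}).get("Code", "Unknown")
        return {"status": "error", "detail": f"IAM call failed: {code}"}
    except BotoCoreError as exc:
        return {"status": "error", "detail": f"boto core error: {exc}"}
    return evaluate_root_access_keys(summary)


# Constructed SummaryMaps for a local dry run (not real account data).
SAMPLE_COMPLIANT = {"AccountAccessKeysPresent": 0, "AccountMFAEnabled": 1}
SAMPLE_NON_COMPLIANT = {"AccountAccessKeysPresent": 1, "AccountMFAEnabled": 0}

if __name__ == "__main__":
    for label, sample in (("compliant sample", SAMPLE_COMPLIANT),
                          ("non-compliant sample", SAMPLE_NON_COMPLIANT)):
        print(label, "->", evaluate_root_access_keys(sample))
    # Against a real account (needs iam:GetAccountSummary):
    # print(fetch_root_access_key_status())
```

Keeping the verdict logic separate from the API call means the audit rule can be unit-tested and reviewed without AWS credentials, and an AccessDenied on the summary call shows up as an "error" status in evidence rather than being mistaken for a pass or a fail.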