| agent: |
AWS Account Compliance Check for Root User Access Key
This workflow involves verifying the compliance of an AWS account by checking for the existence of access keys associated with the root user. The process ensures that security best practices are followed by identifying any potential security risks related to root user access keys. By conducting this check, the workflow aims to enhance the overall security posture of the AWS account. It helps in maintaining compliance with organizational policies and industry standards. The outcome of this workflow is a report or alert indicating whether the AWS account is compliant or requires further action.
- 1Z2XWOvAMxKsCBQxrUhsFCheck AWS account compliance based on root user access key existence
1
Check AWS account compliance based on root user access key existence
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Checks if the AWS account is compliant based on the existence of root user access keys.
inputsoutputs1- 1.1QjOut66tkaeJjkuNLPMuCheck if the root user access key exists in the AWS account
1.1
Check if the root user access key exists in the AWS account
There was a problem that the LLM was not able to address. Please rephrase your prompt and try again.Checks if the AWS account is compliant based on the existence of root user access keys using account summary.
inputsoutputsimport boto3 # Create a session using the AWS credentials session = boto3.Session( aws_access_key_id=getEnvVar('AWS_ACCESS_KEY_ID'), aws_secret_access_key=getEnvVar('AWS_SECRET_ACCESS_KEY') ) # Create an IAM client iam_client = session.client('iam') # Get the account summary to check if root access keys exist response = iam_client.get_account_summary() # Check the number of root access keys root_access_keys_count = response['SummaryMap'].get('AccountAccessKeysPresent', 0) # Determine compliance status if root_access_keys_count == 0: compliance_status = 'COMPLIANT' else: compliance_status = 'NON_COMPLIANT' # Print the compliance status print(f"compliance_status: {compliance_status}")copied1.1