Check whether the root user access key exists or not

This task checks whether the AWS root user has any access keys. Because the root user has extensive privileges, it should not have active access keys; keeping it free of them reduces the risk of unauthorized access and potential security breaches in the AWS environment.

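import boto3
from botocore.exceptions import ClientError, BotoCoreError

# _get_creds and cred_label are supplied by the surrounding runtime, not by
# this snippet; the returned mapping carries the key pair under
# 'username' / 'password'.
# NOTE(review): the only API call below is GetAccountSummary, so the principal
# behind these credentials should need no more than iam:GetAccountSummary and
# should be an IAM identity, not the root user itself -- confirm.
creds = _get_creds(cred_label)['creds']
access_key = creds['username']
secret_key = creds['password']

# Create a boto3 client for IAM
iam_client = boto3.client(
    'iam',
    aws_access_key_id=access_key,
    aws_secret_access_key=secret_key,
)

try:
    # Retrieve the AWS account's details
    account_summary = iam_client.get_account_summary()

    # AccountAccessKeysPresent is read without a default on purpose: a missing
    # field must not be reported as "Compliant" (fail closed, not open).
    root_access_keys = account_summary['SummaryMap'].get('AccountAccessKeysPresent')

    if root_access_keys is None:
        print(
            "Undetermined: AccountAccessKeysPresent is missing from the account "
            "summary; root access key status could not be verified."
        )
    elif root_access_keys == 0:
        print("Compliant: No access keys found for the root user.")
    else:
        print("Non-compliant: Access keys found for the root user.")
# Every handler below means no verdict was produced; a consumer of this output
# should treat an error line as "not evaluated", never as compliant.
except ClientError as e:
    print(f"AWS client error occurred: {e}")
except BotoCoreError as e:
    print(f"Boto core error occurred: {e}")
except Exception as e:
    print(f"An unexpected error occurred: {e}")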