ASSESS ROOT ACCOUNT SECURITY

Project Description

Determine if MFA is enabled, access keys are disabled, and other recommended settings are in place.

Summary:

Securing the AWS root account(s) is the single most important baseline security control. Anyone logging into the root account has complete control over the cloud deployment and it can be difficult, if not impossible, to regain control. This Op analyzes root account security. It determines if MFA is enabled, access keys are disabled, and other recommended settings are in place. It will recommend hardware MFA if virtual is detected.

Supported Issue Types:

Root account without MFA detected
Root account with virtual MFA detected
Root account with access keys detected

Supported Actions:

Notify only. AWS does not allow API management of the root account.

Platform:

Cloud Security CoE Organizational Models

By Mike Rothman|April 9th, 2019|Cloud Automation, Cloud Management, How To's, Operations, Security, Tips & Tricks|0 Comments

Forming the Cloud Security Center of Excellence

By Mike Rothman|March 18th, 2019|Cloud Management, How To's, Operations, Security, Tips & Tricks|0 Comments

Project Description

Summary:

Supported Issue Types:

Supported Actions:

Platform:

Related Articles

Project Details

Categories:

Tags:

ASSESS ROOT ACCOUNT SECURITY

Project Description

Summary:

Supported Issue Types:

Supported Actions:

Platform:

Related Articles

Cloud Security CoE Organizational Models

Forming the Cloud Security Center of Excellence

Project Details

Categories:

Tags:

Share This Story, Choose Your Platform!

Related Projects

ASSESS AND ENFORCE MULTIFACTOR AUTHENTICATION

ASSESS AND ENFORCE LOCAMANAGE ACCOUNT-LEVEL MONITORING AND ALERTING CONFIGURATION

REMOVE UNUSED DEFAULT VPCS