A User Does Not have Multiple Active Access Keys
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
iam-user-single-access-key |
|
Identifier |
iam-user-single-access-key |
|
Description |
If an IAM user has multiple access keys in the active state, this user is noncompliant. |
|
Tag |
iam |
|
Trigger Type |
Configuration change |
|
Filter Type |
iam.users |
|
Configure Rule Parameters |
None |
Applicable Scenario
Access keys are identity credentials that IAM users can use to call APIs. To improve resource security, each IAM user is advised to be assigned only one active access key.
Solution
You can delete or disable the additional access keys for noncompliant IAM users. For more details, see Managing Access Keys for an IAM User.
Rule Logic
- If an IAM user is in the disabled state, this user is compliant.
- If an IAM user that is in the enabled state has only one active access key, this IAM user is compliant.
- If an IAM user that is in the enabled state has multiple active access keys, this IAM user is noncompliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
