AWS IAM user has administrative privileges

iam
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

This rule ensures that none of your IAM users have highly privileged policies or administrative policies attached to them.

Rationale

An IAM user with highly privileged or administrative permissions can access all AWS services and resources in the account. A user with these privileges could potentially, whether unknowingly or purposefully, cause security issues or data leaks. Users with these level of access may also be targeted by an adversary to compromise the entire AWS account.

Remediation

From the console

Follow the Removing a permissions policy from a user docs to revoke policies from a user.

From the command line

  1. Run list-users to get a list of current IAM users.

    aws iam list-users

  2. Run the list-user-policies command find the users attached policies.

     aws iam list-user-policies --user-name Name

  3. Run the detach-user-policy command to remove policies from the user.

     aws iam detach-user-policy \
 --user-name insert-username-here \
 --policy-arn insert-policy-arn-here