Amazon IAM

šŸ“˜ Using the root account in AWS can lead to significant security risks, including escalation of privileges and unauthorized access. It's crucial to use IAM roles and users with minimum necessary privileges for daily operations.

  • Section: Identity and Access Management
  • Severity: Critical
  • CWE: CWE-250 Execution with Unnecessary Privileges
  • Assurance Scope: PCI, NIST, HIPPA, APRA
  • Threat Modeling Principal: Escalation of Privileges
  • Rule Set: Rapticore Benchmark

šŸ“˜ Reusing IAM roles in AWS without proper assessment can lead to security vulnerabilities, especially when roles have excessive privileges. It's essential to evaluate and tailor IAM roles specifically for each use case.

  • Section: Identity and Access Management
  • Severity: High
  • CWE: CWE-250 Execution with Unnecessary Privileges
  • Assurance Scope: PCI, NIST, HIPPA, APRA
  • Threat Modeling Principal: Escalation of Privileges
  • Rule Set: Rapticore Benchmark

šŸ“˜ Having Amazon IAM groups with administrator permissions contradicts cloud security best practices. Limiting privileges to the least required reduces risks associated with privilege escalation and unauthorized access.

  • Section: Identity and Access Management
  • Severity: High
  • CWE: CWE-250 Execution with Unnecessary Privileges
  • Assurance Scope: PCI, NIST, HIPPA, APRA
  • Threat Modeling Principal: Information Disclosure, Tampering
  • Rule Set: Rapticore Benchmark

šŸ“˜ Assigning at least one IAM group to an IAM user is crucial for effective access and privilege management. This ensures that user permissions are properly organized and monitored.

  • Section: Identity and Access Management
  • Severity: High
  • CWE: CWE-250 Execution with Unnecessary Privileges
  • Assurance Scope: PCI, NIST, HIPPA, APRA
  • Threat Modeling Principal: Escalation of Privileges
  • Rule Set: Rapticore Benchmark

šŸ“˜ Implementing Multi-Factor Authentication (MFA) for third-party IAM roles accessing your AWS account is critical for enhancing security. MFA adds an additional layer of protection, mitigating risks of information disclosure and tampering.

  • Section: Identity and Access Management
  • Severity: Critical
  • CWE: CWE-308 Use of Single-factor Authentication
  • Assurance Scope: PCI, NIST, HIPPA, APRA
  • Threat Modeling Principal: Information Disclosure, Tampering
  • Rule Set: Rapticore Benchmark