IAM User has access to the console
Description
It is generally a good security practice to ensure that IAM users do not have access to the AWS Management Console. This can help to reduce the risk of unauthorized access to your AWS resources and prevent potential data breaches. By denying console access to IAM users, you can ensure that only authorized administrators have access to the console.
Code Example
go
{
"resource "aws_iam_user" "pass" {
name = "tech-user"
}
resource "aws_iam_user_login_profile" "fail" {
user = aws_iam_user.fail.name
}
##not connected with pgp_key value",
}Remediation
Terraform
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0459 |
| Severity | MEDIUM |
| IaC Type | Terraform |
| Frameworks | Terraform, TerraformPlan |
| Checkov ID | CKV2_AWS_22 |