Zeus Cloud home page

Explore Demo
Explore Demo

Introduction

What is ZeusCloud?
Get Started
Rules
Alerts
Compliance
Customize

Rules Catalog

Overview
Misconfigurations
Attack Paths

Contribute

Overview
Development Guide
Add a Security Rule
Add to Asset Inventory
Add a Compliance Framework

Community and Support

Troubleshooting
Community

Misconfigurations

IAM

ZeusCloud provides the following security rules for AWS IAM:

User access keys should be rotated every 90 days or less
Access keys should not be set up at initial user setup for IAM users with passwords
IAM credentials (access keys and passwords) unused for 90 days or more should be disabled
Expired SSL/TLS certificates stored in AWS IAM should be removed
MFA should be enabled for all IAM users with a console password
IAM groups, users, and roles should not have any inline policies
No root account access keys should exist
Full ’*’ administrative privileges shouldn’t be allowed through IAM policies
IAM policies should not be connected to IAM users, but rather groups and roles
Password policy should expire passwords within 90 days or less
Password policy should require at least one lowercase character
Password policy should require a minimum length of at least 14
Password policy should require at least one number character
Password policy should prevent password reuse: 24 or greater
Password policy should require at least one symbol character
Password policy should require at least one uppercase character
Root Account should not be actively used
MFA should be enabled for the root account
An IAM user, group, or role has specific permissions to coordinate AWS support
IAM users should each only have at most one active access key
IAM user should be associated with at least 1 group

twitter github linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.