Control: AWS > NIST 800-53 > IAM > IAM groups should have at least one user

AWS Identity and Access Management (IAM) can help you incorporate the principles of least privilege and separation of duties with access permissions and authorizations, by ensuring that IAM groups have at least one IAM user.

Resource Types

This control targets the following resource types:

AWS > IAM > Group

In Your Workspace

Controls by Resource report
Controls by Control Type report

Developers

Control Type URI

tmod:@turbot/aws-nist-800-53#/control/types/iamGroupNotEmpty

Category URI

tmod:@turbot/turbot#/control/categories/complianceNist80053

GraphQL

query controlType(id: "tmod:@turbot/aws-nist-800-53#/control/types/iamGroupNotEmpty") { … }

query controls(filter: "controlTypeId:'tmod:@turbot/aws-nist-800-53#/control/types/iamGroupNotEmpty'") { … }

CLI

Get Controls

turbot graphql controls --filter "controlTypeId:tmod:@turbot/aws-nist-800-53#/control/types/iamGroupNotEmpty"