Policy: AWS > CIS v1 > 1 Identity and Access Management > 1.01 Avoid the use of the "root" account (Scored)

Configures auditing against a CIS Benchmark item.

Level: 1 (Scored)

The "root" account has unrestricted access to all resources in the AWS account. It is highly recommended that the use of this account be avoided.

Resource Types

This policy targets the following resource types:

This policy is used with the following primary policy:

Schema Type	`string`
Default	`Per AWS > CIS v1`
Valid Values [YAML]	`Per AWS > CIS v1` `Skip` `Check: Level 1 (Scored)`

Category URI

tmod:@turbot/cis#/control/categories/v070403

Policy Type URI

tmod:@turbot/aws-cisv1#/policy/types/r0101

GraphQL

query policyType(id: "tmod:@turbot/aws-cisv1#/policy/types/r0101") { … }

query policySettings(filter: "policyTypeId:'tmod:@turbot/aws-cisv1#/policy/types/r0101'") { … }

query policyValues(filter: "policyTypeId:'tmod:@turbot/aws-cisv1#/policy/types/r0101'") { … }

CLI

Get Policy Type

turbot graphql policy-type --id "tmod:@turbot/aws-cisv1#/policy/types/r0101"

Get Policy Settings

turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/aws-cisv1#/policy/types/r0101"