Resource Type: AWS > IAM > Access Key

Resource Context

Access Key is a part of the IAM service.

Each Access Key lives under an User.

Controls

The primary controls for AWS > IAM > Access Key are:

• Active
• CMDB
• Configured
• Discovery
• Usage

It is also targeted by these controls:

• AWS > HIPAA > IAM > IAM user access keys should be rotated at least every 90 days
• AWS > NIST 800-53 > IAM > IAM user access keys should be rotated at least every 90 days

Quick Actions

• Delete from AWS
• Skip alarm for Active control
• Skip alarm for Active control [90 days]

Category

• IAM

In Your Workspace

• Controls by Resource Type report
• Policy Settings by Resource Type report
• Resources by Resource Type report

Developers

Resource Type URI

tmod:@turbot/aws-iam#/resource/types/accessKey

Category URI

tmod:@turbot/turbot#/resource/categories/iam

GraphQL

query resource(id: "tmod:@turbot/aws-iam#/resource/types/accessKey") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/aws-iam#/resource/types/accessKey'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/aws-iam#/resource/types/accessKey"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/accessKey';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-iam#/resource/types/accessKey"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/accessKey' and notification_type in ('resource_updated', 'resource_created');