Turbot Guardrails Hub 
Hub
  • Mods
  • Policy Packs
  • Docs
  • Home
ModsPolicy PacksDocsHome
Mods
AWS
Loading resources...

Resource Type: AWS > IAM > Root

The Root user resource type is part of the AWS Identity and Access Management (IAM) service. The root user has unrestricted access to all resources and services in the AWS account. The root user is a critical component of AWS account security and should be managed with the highest level of caution and oversight.

Resource Context

Root is a part of the IAM service.

Each Root lives under an Account.

Controls

The primary controls for AWS > IAM > Root are:

  • Approved
  • CMDB
  • Configured
  • Discovery
  • Intelligent Assessment

It is also targeted by these controls:

  • AWS > CIS v3.0 > 1 - Identity and Access Management > 1.04 - Ensure no 'root' user account access key exists
  • AWS > CIS v3.0 > 1 - Identity and Access Management > 1.07 - Eliminate use of the 'root' user for administrative and daily tasks
  • AWS > CIS v4.0 > 1 - Identity and Access Management > 1.04 - Ensure no 'root' user account access key exists
  • AWS > CIS v4.0 > 1 - Identity and Access Management > 1.07 - Eliminate use of the 'root' user for administrative and daily tasks
  • AWS > CIS v5.0 > 1 - Identity and Access Management > 1.03 - Ensure no 'root' user account access key exists
  • AWS > CIS v5.0 > 1 - Identity and Access Management > 1.06 - Eliminate use of the 'root' user for administrative and daily tasks
  • AWS > CIS v6.0 > 2 - Identity and Access Management > 2.03 - Ensure no 'root' user account access key exists
  • AWS > CIS v6.0 > 2 - Identity and Access Management > 2.06 - Eliminate use of the 'root' user for administrative and daily tasks

Quick Actions

  • Skip alarm for Approved control
  • Skip alarm for Approved control [90 days]

Category

  • IAM

In Your Workspace

  • Controls by Resource Type report
  • Policy Settings by Resource Type report
  • Resources by Resource Type report

Developers

    Resource Type URI
    • tmod:@turbot/aws-iam#/resource/types/root
    • Category URI
    • tmod:@turbot/turbot#/resource/categories/iam
    • GraphQL
    • query resource(id: "tmod:@turbot/aws-iam#/resource/types/root") { … }
    • query resourceActivities(filter: "resourceId:'tmod:@turbot/aws-iam#/resource/types/root'") { … }
    • mutation createResource(input: { … })
    • mutation updateResource(input: { … })
    • CLI
    • Get Resource
    • turbot graphql resource --id "tmod:@turbot/aws-iam#/resource/types/root"
    • Steampipe Query
    • Get Resource
    • select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/root';
      • Get Policy Settings (By Resource ID)
    • select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-iam#/resource/types/root"';
      • Get Resource Notification
    • select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/root' and notification_type in ('resource_updated', 'resource_created');
Guardrails
Guardrails Hub
  • Hub
  • Docs
  • Blog
  • Changelog
Products
  • GuardrailsGuardrails
  • PipesPipes
  • SteampipeSteampipe
  • PowerpipePowerpipe
  • FlowpipeFlowpipe
  • TailpipeTailpipe
Turbot
  • Home
  • About us
  • We're hiring!
  • Contact us
Community

Our community of practitioners love to discuss cloud governance & security.

Slack logoJoin us on Slack →

System StatusLegalSecurity
Terms of UseSecurityPrivacy
182
Mods
518
Resource Types
8,936
Policies
3,489
Controls
1,929
Quick Actions
544
IAM