Resource Type: AWS > IAM > Root

The Root user resource type is part of the AWS Identity and Access Management (IAM) service. The root user has unrestricted access to all resources and services in the AWS account. The root user is a critical component of AWS account security and should be managed with the highest level of caution and oversight.

Resource Context

Root is a part of the IAM service.

Each Root lives under an Account.

Controls

The primary controls for AWS > IAM > Root are:

Quick Actions

In Your Workspace

Developers

Resource Type URI

tmod:@turbot/aws-iam#/resource/types/root

Category URI

tmod:@turbot/turbot#/resource/categories/iam

GraphQL

query resource(id: "tmod:@turbot/aws-iam#/resource/types/root") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/aws-iam#/resource/types/root'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/aws-iam#/resource/types/root"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/root';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-iam#/resource/types/root"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-iam#/resource/types/root' and notification_type in ('resource_updated', 'resource_created');