IAM: GetGroup - 'Admin group membership should be reviewed'

Information

Proper group membership helps ensure that data remains confidential and secure.

Update the value of ADMIN_GROUP with the appropriate value for the local environment

NOTE: Nessus has provided the target output to assist in reviewing the benchmark to ensure target compliance.

Solution

Memebrs of the admin group should be reviewed. If any group memebers are not documented they should be investigated and/or removed.

See Also

https://d1.awsstatic.com/whitepapers/Security/AWS_Security_Best_Practices.pdf

Item Details

Category: ACCESS CONTROL, AUDIT AND ACCOUNTABILITY, IDENTIFICATION AND AUTHENTICATION, SYSTEM AND INFORMATION INTEGRITY

References: 800-53|AC-1, 800-53|AC-2, 800-53|AC-5, 800-53|AC-6, 800-53|AU-1, 800-53|AU-6, 800-53|IA-1, 800-53|SI-1, 800-53|SI-4

Plugin: amazon_aws

Control ID: 60b43d8c6f58fe21904ed1408450bc1268fa28126e0a30f1badc37aec5cd8b6f