Root Account with Active Signing Certificate

Authentication

Root Account with Active Signing Certificate

Risk Level

Informational (4)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCM-CSA
CCPA
cis_8
CPRA
Data Security Posture Management (DSPM) Best Practices
essential_8_au
GDPR
ISO/IEC 27001
Mitre ATT&CK
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Ensure that your root user is not using X.509 certificates to perform requests to AWS services. An X.509 certificate is a signing certificate utilized for API request validation purposes. Some AWS services use X.509 certificates to approve requests that are signed with a corresponding private key.

Recommended Mitigation

Disable any certificate on your root account

Root Account with Active Signing Certificate

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS