IAM user is not a member of at least one group
Affecting IAM service in AWS


Severity: medium
Severity Framework: Snyk CCSS
Rule category: IAM / Users

Frameworks: AWS-Well-Architected, CSA-CCM, HIPAA
  • Snyk ID: SNYK-CC-00193
  • Credit: Snyk Research Team

Description

Ensuring that each IAM user belongs to at least one group helps prevent the user's permissions from being managed separately, on a per-user basis.

How to fix?

Attach the aws_iam_user to an aws_iam_group using either an aws_iam_user_group_membership or an aws_iam_group_membership resource.

Example Configuration

resource "aws_iam_user" "user" {
  name = "example-user"
  # other required fields here
}

resource "aws_iam_group" "group" {
  name = "example-group"
  # other required fields here
}

resource "aws_iam_group_membership" "membership" {
  name = "example-membership"

  users = [
    aws_iam_user.user.name,
  ]

  group = aws_iam_group.group.name
}
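
To check for this condition before apply, the script below reads a Terraform plan in the JSON form produced by `terraform show -json` and lists every aws_iam_user that neither membership resource covers. It is an added example, not Snyk's rule implementation; the function names and the sample plan (including the users "orphan-user" and "ci-user") are constructed for illustration.

```python
# Added example: flag aws_iam_user resources with no group membership in a plan.
# SAMPLE_PLAN is constructed for illustration and keeps only the fields read here.
SAMPLE_PLAN = {"planned_values": {"root_module": {
    "resources": [
        {"type": "aws_iam_user", "values": {"name": "example-user"}},
        {"type": "aws_iam_user", "values": {"name": "orphan-user"}},
        {"type": "aws_iam_group", "values": {"name": "example-group"}},
        {"type": "aws_iam_group_membership",
         "values": {"group": "example-group", "users": ["example-user"]}},
    ],
    "child_modules": [{"resources": [
        {"type": "aws_iam_user", "values": {"name": "ci-user"}},
        {"type": "aws_iam_user_group_membership",
         "values": {"user": "ci-user", "groups": ["example-group"]}},
    ]}],
}}}


def iter_resources(module):
    """Yield the resources of a module and, recursively, of its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def users_without_group(plan):
    """Return the sorted names of planned IAM users that no membership resource covers."""
    users, members = set(), set()
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in iter_resources(root):
        values = res.get("values") or {}
        rtype = res.get("type")
        if rtype == "aws_iam_user":
            users.add(values.get("name"))
        elif rtype == "aws_iam_group_membership" and values.get("group"):
            members.update(values.get("users") or [])
        elif rtype == "aws_iam_user_group_membership" and values.get("groups"):
            members.add(values.get("user"))
    # Names not known until apply are absent from the plan and cannot be matched.
    users.discard(None)
    return sorted(users - members)


if __name__ == "__main__":
    # For a real plan: json.load() the output of `terraform show -json <planfile>`.
    print(users_without_group(SAMPLE_PLAN))
```

The check only sees memberships declared in the same plan, so a user added to a group outside Terraform will still be reported.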