IAM user is not a member of at least one group
Affecting IAM service in AWS


Severity: medium
Severity Framework: Snyk CCSS
Rule category: IAM / Users

Frameworks: AWS-Well-Architected, CSA-CCM, HIPAA
  • Snyk ID: SNYK-CC-00193
  • Credit: Snyk Research Team

Description

Ensuring that a user belongs to at least one group helps prevent the user's permissions from being managed separately.

How to fix?

Attach the aws_iam_user to an aws_iam_group using either aws_iam_user_group_membership or aws_iam_group_membership.

Example Configuration

resource "aws_iam_user" "user" {
  name = "example-user"
  # other required fields here
}

resource "aws_iam_group" "group" {
  name = "example-group"
  # other required fields here
}

resource "aws_iam_group_membership" "membership" {
  name = "example-membership"

  users = [
    aws_iam_user.user.name,
  ]

  group = aws_iam_group.group.name
}
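
One way to check a Terraform plan for this condition before apply, as an added example (not Snyk's rule implementation and not part of the original page). It assumes the plan was exported with `terraform show -json` and that user names are known at plan time; the sample plan, resource names and function names below are constructed for illustration.

```python
import json

# Constructed sample in the shape of `terraform show -json` (planned_values only).
SAMPLE_PLAN = json.loads("""
{"planned_values": {"root_module": {
  "resources": [
    {"address": "aws_iam_user.alice", "type": "aws_iam_user",
     "values": {"name": "alice"}},
    {"address": "aws_iam_user.carol", "type": "aws_iam_user",
     "values": {"name": "carol"}},
    {"address": "aws_iam_group_membership.ops", "type": "aws_iam_group_membership",
     "values": {"name": "ops-members", "group": "ops", "users": ["alice"]}}
  ],
  "child_modules": [{"resources": [
    {"address": "module.team.aws_iam_user.bob", "type": "aws_iam_user",
     "values": {"name": "bob"}},
    {"address": "module.team.aws_iam_user_group_membership.bob",
     "type": "aws_iam_user_group_membership",
     "values": {"user": "bob", "groups": ["dev"]}}
  ]}]
}}}
""")


def walk(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from walk(child)


def users_without_group(plan):
    """Return addresses of aws_iam_user resources with no group membership."""
    users, grouped = {}, set()
    root = plan.get("planned_values", {}).get("root_module", {})
    for res in walk(root):
        vals = res.get("values") or {}
        if res["type"] == "aws_iam_user":
            users[res["address"]] = vals.get("name")
        elif res["type"] == "aws_iam_group_membership":
            grouped.update(vals.get("users") or [])
        elif res["type"] == "aws_iam_user_group_membership" and vals.get("groups"):
            grouped.add(vals.get("user"))
    # A name unknown at plan time is None and is reported, so it gets reviewed.
    return sorted(a for a, n in users.items() if n is None or n not in grouped)


if __name__ == "__main__":
    print(users_without_group(SAMPLE_PLAN))
```

The check only sees memberships declared in the same plan; a user attached to a group outside Terraform is still reported.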