More Info:

This rule ensures that the root account’s password is regularly rotated to enhance security and minimize the risk of unauthorized access. It checks if the root account’s password has been rotated within a specified time frame, typically following industry best practices and compliance requirements. Failure to rotate the root account’s password regularly could increase the likelihood of unauthorized access and compromise sensitive information.

Risk Level

High

Address

Security

Compliance Standards

CBP

Triage and Remediation

Remediation

To remediate the issue of Root Account Password not being rotated in AWS IAM using the AWS Management Console, follow these step-by-step instructions:

  1. Sign in to the AWS Management Console: Go to the AWS Management Console (https://aws.amazon.com/) and sign in using your root account credentials.

  2. Navigate to the IAM Dashboard: Once you are logged in, navigate to the IAM service by searching for it in the AWS Management Console search bar or by clicking on the “Services” dropdown menu and selecting “IAM” under the “Security, Identity, & Compliance” section.

  3. Select the Root User: In the IAM dashboard, click on the “Users” tab on the left-hand side. Locate and click on the root user in the list of IAM users displayed.

  4. Rotate the Root Account Password: In the root user details page, scroll down to the “Security credentials” section. Click on the “Manage” button next to “Console password”.

  5. Change the Root Account Password: Click on the “Enable” button to enable the password reset. Enter a new password that meets the AWS password policy requirements (e.g., minimum length, complexity).

  6. Save the New Password: Click on the “Apply” button to save the new password for the root account.

  7. Update Root Account Password Regularly: It is recommended to set up a schedule to regularly rotate the root account password to enhance security.

  8. Review and Confirm: After changing the root account password, review the changes to ensure that the password has been successfully rotated.

By following these steps, you have successfully rotated the Root Account Password in AWS IAM using the AWS Management Console, thereby remediating the misconfiguration of not rotating the root account password.
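The check this rule describes, and the confirmation in step 8, can be approximated from CloudTrail records. The Python below is an added example, not the rule's own implementation or code from the original page; the 90-day window, the constructed sample records, and the use of a successful `PasswordUpdated` event with a `Root` identity as the rotation marker are assumptions.

```python
from datetime import datetime, timezone

MAX_AGE_DAYS = 90  # assumed rotation window; the page does not state one

# Constructed CloudTrail-style records (not real log data). Treating a
# successful "PasswordUpdated" event from a Root identity as the rotation
# marker is an assumption of this example.
SAMPLE_EVENTS = [
    {"eventTime": "2023-01-10T08:15:00Z", "eventName": "PasswordUpdated",
     "userIdentity": {"type": "Root"}, "responseElements": {"PasswordUpdated": "Success"}},
    {"eventTime": "2023-06-02T11:40:00Z", "eventName": "PasswordUpdated",
     "userIdentity": {"type": "IAMUser"}, "responseElements": {"PasswordUpdated": "Success"}},
    {"eventTime": "2023-07-20T09:00:00Z", "eventName": "PasswordUpdated",
     "userIdentity": {"type": "Root"}, "responseElements": {"PasswordUpdated": "Failure"}},
    {"eventTime": "2023-08-01T09:00:00Z", "eventName": "ConsoleLogin",
     "userIdentity": {"type": "Root"}, "responseElements": {"ConsoleLogin": "Success"}},
]

def _parse(ts):
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def last_root_rotation(events):
    """Return the time of the newest successful root password change, or None."""
    times = [
        _parse(e["eventTime"]) for e in events
        if e.get("eventName") == "PasswordUpdated"
        and e.get("userIdentity", {}).get("type") == "Root"
        and (e.get("responseElements") or {}).get("PasswordUpdated") == "Success"
    ]
    return max(times, default=None)

def evaluate(events, now, max_age_days=MAX_AGE_DAYS):
    """Return (status, age_days). Finding no rotation event is a failure,
    because the searched records cannot prove a rotation happened."""
    last = last_root_rotation(events)
    if last is None:
        return ("FAIL_NO_ROTATION_SEEN", None)
    age = (now - last).days
    return ("PASS" if age <= max_age_days else "FAIL_STALE", age)

if __name__ == "__main__":
    now = datetime(2023, 8, 15, tzinfo=timezone.utc)
    print(evaluate(SAMPLE_EVENTS, now))
```

CloudTrail event history covers only the last 90 days, so a longer rotation window needs records from a trail that delivers to durable storage.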