IAM CreateLoginProfile detected

Trend Micro Cloud One™ – Conformity is a continuous assurance tool that provides peace of mind for your cloud infrastructure, delivering over 750 automated best practice checks.

Risk level: High (not acceptable risk)
Rule ID: IAM-056

Cloud Conformity Real-Time Threat Monitoring and Analysis (RTMA) engine has detected a call to IAM's 'CreateLoginProfile', within your AWS account.

This rule resolution is part of the Cloud Conformity Real-Time Threat Monitoring

Security

Amazon Identity and Access Management (IAM) is a web service that helps you securely control access to your AWS services and resources. With AWS IAM you can centrally manage users and groups, security credentials (i.e. access keys) and permissions that control which resources users and applications can access in your AWS account. Essentially, the IAM service is used to control who is authenticated (signed in) and authorized (has permissions) to use AWS cloud resources.


Cloud Conformity RTMA can detect any call to IAM's 'CreateLoginProfile' made within your AWS account. Specifically, the activity detected by the current RTMA rule could be any user (root/IAM) request initiated through AWS Management Console or any AWS API request initiated programmatically using AWS CLI or SDKs, that executes the Identity and Access Management (IAM) service action:

References

Publication date Aug 30, 2019

Unlock the Remediation Steps


Gain free unlimited access
to our full Knowledge Base


Over 750 rules & best practices
for AWS and Azure

You are auditing:

IAM CreateLoginProfile detected

Risk level: High