
Identity and Access Management (IAM)

AWS IAM (Identity and Access Management)

Overview

The AWS IAM integration, regscale aws sync_iam, assesses account management, access enforcement, least privilege and authentication controls (AC-2, AC-3, AC-6, IA-2, IA-5) against the users, groups, roles, MFA status and password policy configured in AWS Identity and Access Management.

Command Syntax

regscale aws sync_iam [OPTIONS]

Basic Usage

# IAM compliance with evidence
regscale aws sync_iam --regscale_id 123 --collect-evidence

# Create issues for IAM non-compliance
regscale aws sync_iam \
  --regscale_id 123 \
  --create-issues \
  --create-poams

NIST 800-53 Controls Assessed

  • AC-2: Account Management
  • AC-3: Access Enforcement
  • AC-6: Least Privilege
  • IA-2: Identification and Authentication (Organizational Users)
  • IA-5: Authenticator Management

What Gets Created in RegScale

  • Control Assessments: AC and IA family controls
  • Evidence: Users, groups, roles, MFA status, password policy
  • Issues: No MFA, weak password policy, unused access keys, AdministratorAccess usage
  • Assets: IAM users and roles as identity assets

Common Issues Detected

  • Users without MFA enabled
  • Weak password policies
  • Unused access keys (no use in more than 90 days)
  • Root account usage
  • Excessive use of the AdministratorAccess managed policy
  • Inactive users
  • Service accounts whose access keys are never rotated
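The checks in the list above can be reproduced offline from an IAM credential report, which is useful for understanding what an "unused key" or "inactive user" finding actually means before acting on an issue. The script below is an added example written for this page; it is not RegScale's code and does not claim to be the logic inside sync_iam. It parses a constructed credential report (using the column names AWS returns from get-credential-report), a constructed password-policy response in the shape of get_account_password_policy, and a constructed user-to-attached-policy map, and applies the 90-day threshold from the list. The password-policy baseline it enforces (14 characters, all four character classes, 24-password reuse history, 90-day maximum age) and the definition of "service account" as an IAM user with access keys but no console password are this example's own assumptions, and NOW is pinned to a fixed date so the results are reproducible.

```python
"""Offline re-implementation of the IAM checks listed above (added example, not RegScale code).

Live inputs would come from boto3: iam.get_credential_report()["Content"].decode()
(after generate_credential_report(); AWS regenerates the report at most every 4 hours),
iam.get_account_password_policy()["PasswordPolicy"], and
iam.list_attached_user_policies(UserName=...). Here all three are constructed inline.
"""
import csv
import io
from datetime import datetime, timezone

NOW = datetime(2024, 6, 1, tzinfo=timezone.utc)  # pinned "today" so results are reproducible
STALE_DAYS = 90                                   # threshold this page uses for unused keys
ADMIN_POLICY = "arn:aws:iam::aws:policy/AdministratorAccess"

# Constructed credential report using the real column names (a subset of the full report).
CREDENTIAL_REPORT = """\
user,arn,user_creation_time,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date
<root_account>,arn:aws:iam::123456789012:root,2020-01-01T00:00:00+00:00,not_supported,2024-05-30T09:12:00+00:00,true,false,N/A,N/A,false,N/A,N/A
alice,arn:aws:iam::123456789012:user/alice,2021-03-04T00:00:00+00:00,true,2024-05-31T08:00:00+00:00,true,true,2024-04-01T00:00:00+00:00,2024-05-31T08:05:00+00:00,false,N/A,N/A
bob,arn:aws:iam::123456789012:user/bob,2021-03-04T00:00:00+00:00,true,2024-05-29T10:00:00+00:00,false,true,2023-11-01T00:00:00+00:00,2024-01-15T10:00:00+00:00,false,N/A,N/A
svc-deploy,arn:aws:iam::123456789012:user/svc-deploy,2022-07-01T00:00:00+00:00,false,no_information,false,true,2022-07-01T00:00:00+00:00,2024-05-30T00:00:00+00:00,false,N/A,N/A
carol,arn:aws:iam::123456789012:user/carol,2021-09-09T00:00:00+00:00,true,2023-12-01T00:00:00+00:00,true,false,N/A,N/A,false,N/A,N/A
"""

# Constructed response in the shape of get_account_password_policy()["PasswordPolicy"].
PASSWORD_POLICY = {"MinimumPasswordLength": 8, "RequireSymbols": False, "RequireNumbers": True,
                   "RequireUppercaseCharacters": True, "RequireLowercaseCharacters": True,
                   "ExpirePasswords": False, "PasswordReusePrevention": 5}

# Constructed user -> attached managed policy ARNs (what list_attached_user_policies would return).
ATTACHED_POLICIES = {"alice": ["arn:aws:iam::aws:policy/ReadOnlyAccess"],
                     "bob": [ADMIN_POLICY],
                     "svc-deploy": ["arn:aws:iam::123456789012:policy/DeployPipeline"],
                     "carol": []}


def _ts(value):
    """Report timestamps are ISO 8601; N/A, no_information and not_supported all mean 'never'."""
    return None if value in ("N/A", "no_information", "not_supported", "") else datetime.fromisoformat(value)


def _days_ago(ts, now):
    return None if ts is None else (now - ts).days


def check_credential_report(report_csv, now=NOW):
    """Return (user, finding) pairs for the credential-report-based issues in the list above."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        if user == "<root_account>":  # root usage: any recent console sign-in is a finding
            age = _days_ago(_ts(row["password_last_used"]), now)
            if age is not None and age <= STALE_DAYS:
                findings.append((user, f"root account used within the last {STALE_DAYS} days"))
            continue
        has_password = row["password_enabled"] == "true"
        if has_password and row["mfa_active"] != "true":  # MFA only applies when console login exists
            findings.append((user, "console password enabled without MFA"))
        activity = [_ts(row["password_last_used"])] if has_password else []
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue
            used, rotated = _ts(row[f"access_key_{n}_last_used_date"]), _ts(row[f"access_key_{n}_last_rotated"])
            activity.append(used)
            # A never-used key is judged by its creation/rotation date instead of a last-used date.
            ref_age = _days_ago(used or rotated, now)
            if ref_age is None or ref_age > STALE_DAYS:
                findings.append((user, f"access key {n} unused for >{STALE_DAYS} days"))
            # Assumed definition: service account = IAM user with keys but no console password.
            rot_age = _days_ago(rotated, now)
            if not has_password and rot_age is not None and rot_age > STALE_DAYS:
                findings.append((user, f"service account key {n} not rotated in >{STALE_DAYS} days"))
        recent = [t for t in activity if t is not None and _days_ago(t, now) <= STALE_DAYS]
        if not recent:
            findings.append((user, f"inactive: no password or key use in >{STALE_DAYS} days"))
    return findings


def check_password_policy(policy):
    """Flag settings below this example's assumed baseline (14 chars, all classes, 24 reuse, 90-day age)."""
    weak = []
    if policy.get("MinimumPasswordLength", 0) < 14:
        weak.append("MinimumPasswordLength < 14")
    for key in ("RequireSymbols", "RequireNumbers", "RequireUppercaseCharacters", "RequireLowercaseCharacters"):
        if not policy.get(key, False):
            weak.append(f"{key} is false")
    if policy.get("PasswordReusePrevention", 0) < 24:
        weak.append("PasswordReusePrevention < 24")
    # MaxPasswordAge is omitted from the API response when ExpirePasswords is false.
    if not policy.get("ExpirePasswords", False) or policy.get("MaxPasswordAge", 0) > 90:
        weak.append("passwords do not expire within 90 days")
    return weak


def check_admin_access(attached):
    """Users with the AWS-managed AdministratorAccess policy attached directly."""
    return sorted(user for user, arns in attached.items() if ADMIN_POLICY in arns)


def run_all():
    return {"credential_report": check_credential_report(CREDENTIAL_REPORT),
            "password_policy": check_password_policy(PASSWORD_POLICY),
            "administrator_access": check_admin_access(ATTACHED_POLICIES)}


if __name__ == "__main__":
    for section, items in run_all().items():
        print(section, *items, sep="\n  ")
```

Two caveats are worth keeping in mind when comparing this with the issues the integration raises: a user with no console password is not flagged for missing MFA here (there is nothing for MFA to protect), and AdministratorAccess is only detected when attached directly to the user, so policies inherited through group membership or assumed roles would need list_attached_group_policies and list_attached_role_policies as well.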

Common Use Cases

Access Control Compliance

regscale aws sync_iam \
  --regscale_id 123 \
  --collect-evidence \
  --evidence-control-ids AC-2,AC-3,AC-6,IA-2,IA-5 \
  --create-issues \
  --create-poams

Monthly IAM Audit

regscale aws sync_iam \
  --regscale_id 123 \
  --collect-evidence \
  --create-issues

Command Options

Option                   Description                                                  Example
--regscale_id            Security Plan ID (required)                                  --regscale_id 123
--collect-evidence       Collect IAM evidence (users, groups, roles, MFA status,      --collect-evidence
                         password policy)
--evidence-control-ids   Limit evidence collection to the listed control IDs          --evidence-control-ids AC-2,IA-2
                         (comma-separated)
--create-issues          Create issues for detected non-compliance                    --create-issues
--create-poams           Mark created issues as POAM items                            --create-poams

Best Practices

  1. Enforce MFA for all users
  2. Use IAM roles instead of access keys where possible
  3. Implement least privilege access
  4. Rotate credentials regularly
  5. Monitor root account usage
  6. Schedule weekly assessments for access control compliance