Ensure an IAM User does not have access to the console

Home
»
AWS Documentation
»
IAM
»
Ensure an IAM User does not have access to the console

IAM User has access to the console

Description

It is considered a best security practice to restrict IAM users’ access to the AWS Management Console. This reduces the attack surface by minimizing the potential for unauthorized access to AWS resources, thereby mitigating the risk of data breaches. By explicitly denying console access for non-administrative IAM users, you can enforce a policy where only authorized administrators retain the ability to access the console and perform management operations.

Fix - Buildtime

Terraform

resource "aws_iam_user" "pass" {
  name = "tech-user"
}

resource "aws_iam_user_login_profile" "fail" {
  user    = aws_iam_user.fail.name
}

##not connected with pgp_key value