Checks/Aws/Test-IamRootCredentialsManagementEnabled.ps1
|
function Test-IamRootCredentialsManagementEnabled { <# .SYNOPSIS AWS Organization has centralized root credentials management enabled .DESCRIPTION **AWS Organizations** uses **centralized root credentials management** to control root user credentials across member accounts. This finding evaluates whether the organization has enabled the `RootCredentialsManagement` feature to centrally govern presence and recovery of root passwords, access keys, signing certificates, and MFA. .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] [CIEMCheck]$Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: iam_root_credentials_management_enabled [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check iam_root_credentials_management_enabled for reference.', 'N/A', 'iam Resources') } |