This rule ensures that IAM users are assigned to at least one group.
| Rule | IAM users should be in at least one group |
| Framework | GxP 21 CFR Part 11 |
| Severity | ✔ High |
Rule: IAM users should be in at least one group for GxP 21 CFR Part 11
Description:
The rule states that all IAM (Identity and Access Management) users within the organization should be assigned to at least one group that complies with the requirements of GxP (Good Practices) and 21 CFR (Code of Federal Regulations) Part 11. This rule ensures that proper access controls and permissions are in place to meet regulatory compliance standards related to electronic records and signatures.
Troubleshooting Steps (if applicable):
If users are not assigned to a group compliant with GxP 21 CFR Part 11, follow these troubleshooting steps:
Necessary Codes (if applicable):
No specific codes are required for this rule.
Step-by-step Guide for Remediation:
1. Log in to the AWS Management Console with appropriate IAM user credentials.
2. Navigate to the IAM service by clicking on "Services" in the top navigation bar and searching for "IAM" in the services search box. Click on "IAM" when it appears.
3. In the IAM Dashboard, click on "Users" in the left navigation pane.
4. Review the list of IAM users and identify the user(s) who are not assigned to any group.
5. Select the user(s) by clicking on the checkbox next to their username.
6. Click on the "Add user to group" button in the "User actions" dropdown menu above the list of users.
7. In the "Add user to group" dialog box, select the appropriate GxP 21 CFR Part 11 compliant group from the list of available groups.
8. Click on the "Add to group" button to assign the user(s) to the selected group.
9. Verify that the user(s) have been successfully added to the group by checking the group membership in the IAM user details page.
10. Repeat steps 5-9 for any additional users who need to be assigned to a GxP 21 CFR Part 11 compliant group.
By following the above steps, all IAM users will be assigned to at least one group compliant with GxP 21 CFR Part 11, ensuring proper access controls and meeting regulatory requirements.
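The console review in the remediation steps can also be scripted for accounts with many users. The following is an added example, not part of the original rule text: it uses the boto3 IAM client to list users with no group membership and, optionally, add them to a group. The function names are hypothetical, and the group name is supplied by the operator on the command line.

```python
"""Audit IAM users that belong to no group (added example; running it needs boto3 and AWS credentials)."""


def users_without_groups(iam):
    """Return the sorted names of IAM users that are members of no group.

    `iam` is a boto3 IAM client. Paginators are used so that accounts with
    more users or groups than fit in one API page are covered completely.
    """
    orphans = []
    for page in iam.get_paginator("list_users").paginate():
        for user in page["Users"]:
            name = user["UserName"]
            group_pages = iam.get_paginator("list_groups_for_user").paginate(UserName=name)
            # A user is compliant if any page of results lists a group.
            if not any(p["Groups"] for p in group_pages):
                orphans.append(name)
    return sorted(orphans)


def assign_to_group(iam, user_names, group_name, dry_run=True):
    """Add each user to `group_name`; with dry_run=True only return the plan."""
    planned = []
    for name in user_names:
        if not dry_run:
            iam.add_user_to_group(GroupName=group_name, UserName=name)
        planned.append((name, group_name))
    return planned


if __name__ == "__main__":
    import sys

    import boto3  # imported here so the functions above can be tested without it

    client = boto3.client("iam")
    missing = users_without_groups(client)
    for user_name in missing:
        print(f"NON-COMPLIANT: {user_name} is in no IAM group")

    # Optional remediation: pass the target group name as the first argument.
    # The group must already exist; its name is chosen by the operator.
    if len(sys.argv) > 1:
        for user_name, group in assign_to_group(client, missing, sys.argv[1], dry_run=False):
            print(f"added {user_name} to {group}")
```

Run it without arguments to audit only; re-run the audit after remediation to confirm that no users are reported.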