Skip to main content
All CollectionsControl Tests
Test: Root Infrastructure Account Unused
Test: Root Infrastructure Account Unused

Drata inspects your company infrastructure provider configurations to determine if the Root account is unused.

Ashley Hyman avatar
Written by Ashley Hyman
Updated over a week ago

ASSOCIATED DRATA CONTROL

This test is part of the Root Infrastructure Account Unused control that ensures your company does not use Root Account on its Infrastructure provider.

WHAT TO DO IF A TEST FAILS

If Drata detects that the Root Account is being used at least twice in the most recent seven days (as a rolling lookback) for a login attempt the test will fail. The login attempt does not have to be successful.

To remediate a failed test, you need to wait for a seven-day lookback period to only find a maximum of one login attempt. In general, AWS recommends that you avoid using the root login for day-to-day activities. You will need to configure specific user accounts for any humans that need access and grant restrictive access via roles to only the resources they need.

Did this answer your question?