Benchmark: Identification and Authentication (Organizational users) (IA-2)
Description
The information system uniquely identifies and authenticates organizational users (or processes acting on behalf of organizational users).
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Identification and Authentication (Organizational users) (IA-2).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.fedramp_low_rev_4_ia_2Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.fedramp_low_rev_4_ia_2 --shareControls
- Ensure IAM password policy requires a minimum length of 14 or greater
- IAM root user hardware MFA should be enabled
- IAM root user MFA should be enabled
- IAM root user should not have access keys
- IAM users with console access should have MFA enabled
- IAM user MFA should be enabled