turbot/aws_compliance

Query: iam_root_user_mfa_enabled

Usage

powerpipe query aws_compliance.query.iam_root_user_mfa_enabled

Steampipe Tables

SQL

select
'arn:' || partition || ':::' || account_id as resource,
case
when account_mfa_enabled then 'ok'
else 'alarm'
end status,
case
when account_mfa_enabled then 'MFA enabled for root account.'
else 'MFA not enabled for root account.'
end reason
, account_id
from
aws_iam_account_summary;

Controls

The query is being used by the following controls: