Benchmark: 2. Use multi-factor authentication (MFA)

Description

MFA is the best way to protect accounts from inappropriate access. Always set up MFA on your Root user and AWS Identity and Access Management (IAM) users.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-top-10

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 2. Use multi-factor authentication (MFA).

Run this benchmark in your terminal:

powerpipe benchmark run aws_top_10.benchmark.account_security_use_mfa

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_top_10.benchmark.account_security_use_mfa --share

Controls

IAM root user MFA should be enabled
IAM users with console access should have MFA enabled
IAM user MFA should be enabled
IAM administrator users should have MFA enabled
IAM root user virtual MFA should be enabled

Benchmark: 2. Use multi-factor authentication (MFA)

Description

Usage

Controls

Tags