Control: 1.2 Ensure that Multi-Factor Authentication is 'Enabled' for All Non-Service Accounts
Description
Setup multi-factor authentication for Google Cloud Platform accounts.
Multi-factor authentication requires more than one mechanism to authenticate a user. This secures user logins from attackers exploiting stolen or weak credentials.
Remediation
From Console
For each Google Cloud Platform project:
- Identify non-service accounts.
- Setup multi-factor authentication for each account.
Default Value
By default, multi-factor authentication is not set.
Usage
Run the control in your terminal:
powerpipe control run gcp_compliance.control.cis_v300_1_2
Snapshot and share results via Turbot Pipes:
powerpipe loginpowerpipe control run gcp_compliance.control.cis_v300_1_2 --share
SQL
This control uses a named query:
manual_control