Benchmark: 3.0.2 - Disallow console access to IAM users without MFA
Description
Disallow console access to IAM users without MFA - Checks whether AWS Multi-Factor Authentication (MFA) is enabled for all AWS Identity and Access Management (IAM) users that use a console password.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select 3.0.2 - Disallow console access to IAM users without MFA.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.audit_manager_control_tower_multi_factor_authentication_3_0_2
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.audit_manager_control_tower_multi_factor_authentication_3_0_2 --share