turbot/steampipe-mod-aws-compliance

Benchmark: 8.4.1: MFA is implemented for all non-console access into the CDE for personnel with administrative access

Description

Requiring more than one type of authentication factor reduces the probability that an attacker can gain access to a system by masquerading as a legitimate user, because the attacker would need to compromise multiple authentication factors. This is especially true in environments where traditionally the single authentication factor employed was something a user knows such as a password or passphrase.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 8.4.1: MFA is implemented for all non-console access into the CDE for personnel with administrative access.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_8_4_1

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_8_4_1 --share

Controls

Tags