IAM User Has Administrator Access With MFA Disabled

Overview

Check to ensure that users with Administrator Access policy have Multi-Factor Authentication (MFA) tokens activated. The policy could potentially grant permission to unidentified users to carry out actions. It is recommeneded to confirm that both the repository and its contents are open to the public.

Vendor

AWS

Cloud Service

IAM

References

https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable_virtual.html

Severity

Item Types

AWS::IAM::User

Overview​

Vendor​

Cloud Service​

References​

Severity​

Item Types​