π§ AWS IAM User MFA is not enabled for all users with console password - prod.logic.yaml π’
- Contextual name: π§ prod.logic.yaml π’
- ID:
/ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml - Located in: π AWS IAM User MFA is not enabled for all users with console password π’
Flagsβ
- π’ Logic test success
- π’ Logic with extracts
- π’ Logic with test data
Input Typeβ
| Type | API Name | Extracts | Extract Files | Logic Files | |
|---|---|---|---|---|---|
| π | π AWS IAM User | CA10__CaAwsUser__c | 13 | 2 | 8 |
Usesβ
Test Results π’β
Generated at: 2025-04-24T23:44:54.724417312Z Open
| Result | Id | Condition Index | Condition Text | Runtime Error |
|---|---|---|---|---|
| π’ | a01 | βοΈ 199 | βοΈ extract('CA10__credReportPasswordEnabled__c') == false | βοΈ null |
| π’ | a02 | βοΈ 299 | βοΈ extract('CA10__credReportMfaActive__c') == true | βοΈ null |
| π’ | a03 | βοΈ 300 | βοΈ otherwise | βοΈ null |
Generationβ
| File | MD5 | |
|---|---|---|
| Open | /ce/ca/aws/iam/mfa-for-all-users-with-console-password/policy.yaml | 59CDC590307F7F6AE38F7EC92B6A3842 |
| Open | /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml | 0473B03762E2E386DE1566135F63D54D |
| Open | /ce/ca/aws/iam/mfa-for-all-users-with-console-password/test-data.json | FE4732CF485128BFD19FB1E55F768E68 |
| Open | /types/CA10__CaAwsUser__c/credReport.extracts.yaml | 8152C61E7FBD5E63E054E986AF83B52F |
Generate FULL scriptβ
java -jar repo-manager.jar policies generate FULL /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml
Generate DEBUG scriptβ
java -jar repo-manager.jar policies generate DEBUG /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml
Generate CAPTURE_TEST_DATA scriptβ
java -jar repo-manager.jar policies generate CAPTURE_TEST_DATA /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml
Generate TESTS scriptβ
java -jar repo-manager.jar policies generate TESTS /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml
Execute testsβ
java -jar repo-manager.jar policies test /ce/ca/aws/iam/mfa-for-all-users-with-console-password/prod.logic.yaml
Contentβ
---
inputType: "CA10__CaAwsUser__c"
testData:
- file: test-data.json
importExtracts:
- file: /types/CA10__CaAwsUser__c/credReport.extracts.yaml
conditions:
- status: "INAPPLICABLE"
currentStateMessage: "Requirements of this policy are applicable only to users\
\ with enabled console password"
check:
IS_EQUAL:
left:
EXTRACT: CA10__credReportPasswordEnabled__c
right:
BOOLEAN: false
- status: "COMPLIANT"
currentStateMessage: "MFA Enabled for this user"
check:
IS_EQUAL:
left:
EXTRACT: CA10__credReportMfaActive__c
right:
BOOLEAN: true
otherwise:
status: "INCOMPLIANT"
currentStateMessage: "MFA is not enabled for this user"
remediationMessage: "Enable MFA for this user or disable the console access"