💼 [IAM.5] MFA should be enabled for all IAM users that have a console password

ID: /frameworks/aws-fsbp-v1.0.0/iam/05

Description

Multi-factor authentication (MFA) adds an extra layer of protection on top of a user name and password. With MFA enabled, when a user signs in to an AWS website, they are prompted for their user name and password. In addition, they are prompted for an authentication code from their AWS MFA device.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/iam-controls.html#iam-5
Internal
- ID: dec-c-6b4a77e4

Similar Sections (Give Policies To)

Section	Internal Rules	Policies	Compliance
💼 NIST SP 800-53 Revision 5 → 💼 AC-2(1) Account Management _ Automated System Account Management	4	18	no data
💼 NIST SP 800-53 Revision 5 → 💼 AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control		13	no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-2(1) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Privileged Accounts		3	no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-2(2) Identification and Authentication (organizational Users) _ Multi-factor Authentication to Non-privileged Accounts		3	no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-2(6) Identification and Authentication (organizational Users) _ Access to Accounts —separate Device		3	no data
💼 NIST SP 800-53 Revision 5 → 💼 IA-2(8) Identification and Authentication (organizational Users) _ Access to Accounts — Replay Resistant		3	no data
💼 PCI DSS v4.0.1 → 💼 8.4.2 MFA is implemented for all non-console access into the CDE.		3	no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS IAM User MFA is not enabled for all users with console password🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​

Description

Similar

Similar Sections (Give Policies To)

Sub Sections

Policies (1)