💼 1.5 Ensure MFA is enabled for the "root user" account

Contextual name: 💼 1.5 Ensure MFA is enabled for the "root user" account
ID: /frameworks/cis-aws-v1.3.0/01/05
Located in: 💼 1 Identity and Access Management

Description

The root user account is the most privileged user in an AWS account. Multi-factor Authentication (MFA) adds an extra layer of protection on top of a username and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their username and password as well as for an authentication code from their AWS MFA device.

Note: When virtual MFA is used for root accounts, it is recommended that the device used is NOT a personal device, but rather a dedicated mobile device (tablet or phone) that is managed to be kept charged and secured independent of any individual personal devices. ("non-personal virtual MFA") This lessens the risks of losing access to the MFA due to device loss, device trade-in or if the individual owning the device is no longer employed at the company.

Similar

Sections
- /frameworks/cis-aws-v1.4.0/01/05
- /frameworks/cis-aws-v1.2.0/01/13
Internal
- ID: dec-c-16cdb6b4

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.2.0 → 💼 1.13 Ensure MFA is enabled for the "root" account			1
💼 CIS AWS v1.4.0 → 💼 1.5 Ensure MFA is enabled for the 'root' user account			1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 CIS AWS v1.2.0 → 💼 1.13 Ensure MFA is enabled for the "root" account			1
💼 CIS AWS v1.4.0 → 💼 1.5 Ensure MFA is enabled for the 'root' user account			1

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (1)

Policy	Logic Count	Flags
📝 AWS Account Root User MFA is not enabled. 🟢	1	🟢 x6

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​