A config rule that checks whether your AWS account is enabled to use multi-factor authentication (MFA) hardware device to sign in with root credentials. The rule is NON_COMPLIANT if any virtual MFA devices are permitted for signing in with root credentials.

 
Tags
Root Account
MFA
Items
1
Size
0.7 KB
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: root-account-hardware-mfa-enabled
      Description: >-
        A config rule that checks whether your AWS account is enabled to use
        multi-factor authentication (MFA) hardware device to sign in with root
        credentials. The rule is NON_COMPLIANT if any virtual MFA devices are
        permitted for signing in with root credent...
      InputParameters: {}
      Scope:
        ComplianceResourceTypes: []
      Source:
        Owner: AWS
        SourceIdentifier: ROOT_ACCOUNT_HARDWARE_MFA_ENABLED
      MaximumExecutionFrequency: TwentyFour_Hours
Parameters: {}
Metadata: {}
Conditions: {}

Customize Cf Template

Rule Parameters

No rule paramters
 
* Required field