An S3 Bucket policy that denies any Amazon S3 operation on the bucket if the request is not MFA authenticated.

 
Tags
API and CLI Access
Console Access
MFA
Missing Parameters
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::/*"
            ],
            "Effect": "Deny",
            "Condition": {
                "Null": {
                    "aws:MultiFactorAuthAge": true
                }
            }
        }
    ]
}
Customize Policy
* Required field