
IAM Root User Hardware MFA Enabled Rule

This rule ensures that IAM root user hardware MFA is enabled to enhance security measures.

Rule: IAM root user hardware MFA should be enabled
Framework: CISA-cyber-essentials
Severity: Critical

IAM Root User Hardware MFA for CISA Cyber Essentials

Description:

To enhance the security of AWS resources and comply with CISA Cyber Essentials guidelines, enable Multi-Factor Authentication (MFA) for the IAM root user, specifically using a hardware token. Hardware MFA adds an extra layer of protection by requiring possession of a physical token in addition to the root password at sign-in.

Troubleshooting Steps:

If you experience issues while enabling IAM Root User Hardware MFA for CISA Cyber Essentials, follow these troubleshooting steps:

  1. Ensure that you have administrative privileges and access to the root account.
  2. Check that you have a hardware MFA token compatible with your AWS account, and that it is properly registered and synchronized with the IAM service.
  3. Double-check that you have not mistakenly disabled or removed the hardware MFA settings for the root account.
  4. Verify that there are no network connectivity issues affecting communication between your hardware MFA device and the AWS services.
  5. If the MFA device is not responding or is generating codes incorrectly, consider replacing the battery or contact the hardware manufacturer for further assistance.

Necessary Codes:

No specific code is required for this policy. You may, however, need to run AWS CLI commands to enable and configure the hardware MFA for the IAM root user; the step-by-step guide below walks through the procedure in the AWS Management Console.

Step-by-Step Guide:

Follow these steps to enable the IAM Root User Hardware MFA for CISA Cyber Essentials:

  1. Log in to the AWS Management Console using the IAM root user credentials.
  2. Navigate to the IAM service by searching for "IAM" in the AWS Management Console search bar and selecting the IAM service from the results.
  3. In the left-hand menu, click on the "Dashboard" option.
  4. Locate the "Security status" field and click on the "Manage MFA" link next to it.
  5. On the Multi-factor authentication (MFA) page, click on the "Continue to Security Credentials" button.
  6. Expand the "Multi-Factor Authentication (MFA)" section.
  7. Click on the "Manage MFA" button next to "Root Account MFA."
  8. Click on the "Activate MFA" button.
  9. Choose the "A hardware MFA device" option and click on "Next Step."
  10. In the "Scan the QR code" or "Enter key information manually" step, perform one of the following sub-steps:
     • If you have a hardware MFA device that supports QR codes, scan the QR code with your device's camera.
     • If your hardware MFA device doesn't support QR codes, enter the "Serial number" and "Authentication code" manually.
  11. Once the MFA device has been successfully registered, a confirmation message is displayed.
  12. Test the MFA device by entering the MFA code generated by your hardware token.
  13. Click on the "Next: Contact Information" button.
  14. Configure the contact information as you prefer (optional) and click on the "Next: Review" button.
  15. Review the provided details and click on the "Activate MFA" button.
  16. A success message is displayed, indicating that MFA has been enabled for the IAM root user account.

Remember to properly store and secure your hardware MFA device to ensure its availability and prevent unauthorized access.

By following this guide, you have successfully enabled IAM Root User Hardware MFA to comply with CISA Cyber Essentials security guidelines.
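To confirm the rule actually holds after the steps above, the check below (an added example, not part of the original page or of any vendor tool) evaluates the same two IAM API responses an auditor would pull: GetAccountSummary's AccountMFAEnabled flag tells whether the root user has any MFA, and ListVirtualMFADevices reveals whether that MFA is a virtual (software) device rather than a hardware token. The evaluation logic is pure Python; the boto3 call is isolated in one function so the sample runs offline with constructed responses (the account ID 123456789012 and ARNs are placeholders).

```python
"""Verify that the AWS account's root user has a *hardware* MFA device enabled.

Logic:
  * GetAccountSummary -> AccountMFAEnabled == 1 means the root user has some MFA.
  * ListVirtualMFADevices(AssignmentStatus=Assigned) lists software MFA devices;
    if one is assigned to the root user, the root MFA is virtual, not hardware.
  Compliant = root MFA enabled AND no virtual device assigned to root.
"""


def root_mfa_is_virtual(virtual_mfa_devices):
    """True if any assigned virtual MFA device belongs to the root user."""
    for device in virtual_mfa_devices:
        user_arn = device.get("User", {}).get("Arn", "")
        serial = device.get("SerialNumber", "")
        if user_arn.endswith(":root") or serial.endswith(":mfa/root-account-mfa-device"):
            return True
    return False


def evaluate_root_hardware_mfa(account_summary, virtual_mfa_devices):
    """Return (compliant, finding) for the 'root hardware MFA enabled' rule."""
    if account_summary.get("AccountMFAEnabled", 0) != 1:
        return False, "Root user has no MFA device enabled"
    if root_mfa_is_virtual(virtual_mfa_devices):
        return False, "Root user MFA is a virtual (software) device, not hardware"
    return True, "Root user MFA is enabled and is a hardware device"


def check_live_account():
    """Fetch both API responses with boto3 and evaluate them (needs AWS credentials)."""
    import boto3  # imported here so the pure evaluation logic has no dependency
    iam = boto3.client("iam")
    summary = iam.get_account_summary()["SummaryMap"]
    devices = []
    for page in iam.get_paginator("list_virtual_mfa_devices").paginate(AssignmentStatus="Assigned"):
        devices.extend(page["VirtualMFADevices"])
    return evaluate_root_hardware_mfa(summary, devices)


# Constructed sample responses (placeholder account, not from a real environment).
SAMPLE_SUMMARY_MFA_ON = {"AccountMFAEnabled": 1, "Users": 3}
SAMPLE_VIRTUAL_ROOT = [{
    "SerialNumber": "arn:aws:iam::123456789012:mfa/root-account-mfa-device",
    "User": {"UserId": "123456789012", "Arn": "arn:aws:iam::123456789012:root"},
}]

if __name__ == "__main__":
    ok, msg = evaluate_root_hardware_mfa(SAMPLE_SUMMARY_MFA_ON, SAMPLE_VIRTUAL_ROOT)
    print("COMPLIANT" if ok else "NON-COMPLIANT", "-", msg)
```

A root MFA that is enabled but absent from the virtual-device list is, by elimination, a hardware device, which is exactly the condition this rule requires.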
