This rule ensures that Multi-Factor Authentication is enabled for the IAM root user.
Rule | IAM root user MFA should be enabled |
Framework | FedRAMP Low Revision 4 |
Severity | ✔ Medium |
Title: Enable MFA for IAM Root User in compliance with FedRAMP Low Revision 4
Description:
In order to comply with FedRAMP Low Revision 4 security requirements, Multi-Factor Authentication (MFA) should be enabled for the IAM Root User. Enabling MFA adds an extra layer of protection by requiring an additional authentication factor, in addition to a password, for accessing the root user account. This reduces the risk of unauthorized access and enhances the overall security posture of the AWS account.
Steps to Enable MFA for IAM Root User:
Troubleshooting Steps (if MFA setup encounters issues):
Code Snippets (if applicable):
No specific code snippets are required for enabling MFA for the IAM Root User.
Please note that the IAM Root User should be used sparingly for administrative tasks, and it is recommended to create and use IAM users with appropriate permissions for day-to-day operations. The root user should only be used when absolutely necessary.