IAM Root User MFA Enabled Rule

This rule specifies that IAM root user MFA should be enabled for enhanced security measures.

Rule: IAM root user MFA should be enabled
Framework: GxP 21 CFR Part 11
Severity: Medium

Rule Description:

IAM root user MFA (Multi-Factor Authentication) must be enabled to comply with GxP 21 CFR Part 11 regulations. MFA adds an additional layer of security by requiring the root user to provide two or more forms of authentication, such as a password and a unique security token, before granting access to sensitive systems.

Troubleshooting Steps:

  1. If MFA is not yet enabled for the IAM root user, follow the remediation steps mentioned below.
  2. If MFA is already enabled but not compliant with GxP 21 CFR Part 11 requirements, follow the necessary steps to update the MFA settings.
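To decide which troubleshooting branch applies, the root MFA state can be read from the IAM account summary rather than by logging in as root. The following is an added example, not Cloud Defense's own code; the live helper assumes boto3 is installed and the caller has iam:GetAccountSummary and iam:ListVirtualMFADevices permissions, and the sample responses are constructed.

```python
"""Evaluate the root-MFA rule from IAM API responses (added example, not
Cloud Defense code). The live helper assumes boto3 and credentials with
iam:GetAccountSummary and iam:ListVirtualMFADevices permissions."""
from typing import Iterable, Mapping

# Virtual MFA devices assigned to the root user carry this well-known serial suffix.
ROOT_VIRTUAL_MFA_SUFFIX = ":mfa/root-account-mfa-device"


def root_mfa_status(summary: Mapping[str, int],
                    virtual_devices: Iterable[Mapping[str, str]]) -> dict:
    """summary is the 'SummaryMap' of GetAccountSummary; virtual_devices are
    the assigned entries from ListVirtualMFADevices. Returns a finding dict."""
    # AccountMFAEnabled is 1 only when the root user has an MFA device of any
    # kind (virtual, hardware TOTP or FIDO key); it never reflects IAM users.
    enabled = summary.get("AccountMFAEnabled", 0) == 1
    virtual_root = any(
        d.get("SerialNumber", "").endswith(ROOT_VIRTUAL_MFA_SUFFIX)
        for d in virtual_devices
    )
    if not enabled:
        mfa_type = "none"
    elif virtual_root:
        mfa_type = "virtual"
    else:
        mfa_type = "non_virtual"  # hardware TOTP or FIDO key: not listed as virtual
    return {
        "compliant": enabled,
        "mfa_type": mfa_type,
        "severity": None if enabled else "Medium",  # severity from the rule header
    }


def check_live_account() -> dict:
    """Run the same evaluation against the calling account (needs boto3)."""
    import boto3  # imported here so the offline function works without it
    iam = boto3.client("iam")
    summary = iam.get_account_summary()["SummaryMap"]
    devices = iam.list_virtual_mfa_devices(
        AssignmentStatus="Assigned")["VirtualMFADevices"]
    return root_mfa_status(summary, devices)


# Constructed sample responses (account id is a placeholder, not a real account).
SAMPLE_NO_MFA = {"AccountMFAEnabled": 0, "Users": 3}
SAMPLE_MFA = {"AccountMFAEnabled": 1, "Users": 3}
SAMPLE_DEVICES = [
    {"SerialNumber": "arn:aws:iam::123456789012:mfa/root-account-mfa-device"}
]
```

A root user protected by a hardware TOTP token or a FIDO security key reports AccountMFAEnabled = 1 but no virtual device, so the virtual-device list alone must not be used to judge compliance.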

Remediation Steps:

  1. Open the AWS Management Console and log in as the AWS root user.
  2. Navigate to the IAM service.

To Enable MFA for IAM Root User:

  1. In the left sidebar, select "Users" and click on the "Add User" button.
  2. Enter a desired username and select the "Programmatic access" and "AWS Management Console access" checkboxes.
  3. Click on the "Next: Permissions" button.
  4. Skip assigning any permissions for this user by clicking on the "Next: Tags" and "Next: Review" buttons.
  5. On the final user creation page, click on the "Create user" button.
  6. On the successful user creation page, make sure to note down the Access key ID and Secret access key for this user, as they won't be displayed again.
  7. Click on the "Close" button.
  8. On the Users page, select the newly created user and click on the "Add permissions" button.
  9. Under the "Set permissions" section, click on the "Attach existing policies directly" button.
  10. Search for the "AdministratorAccess" policy and select it.
  11. Click on the "Next: Tags" button, then on the "Next: Review" button.
  12. Finally, click on the "Add permissions" button.

To Enable MFA for the Root User:

  1. On the Users page, select the root user and click on the "Security credentials" tab.
  2. Under the "Multi-factor authentication (MFA)" section, click on the "Manage MFA" button.
  3. In the MFA Management dialog box, click on the "Activate MFA" button.
  4. Select the appropriate MFA device option (e.g., virtual MFA device, hardware MFA device, or SMS text message) and click on "Continue."
  5. Follow the on-screen instructions and provide the necessary information to activate the selected MFA device.
  6. Once the MFA device is successfully activated, navigate back to the "Security credentials" tab for the root user.
  7. In the Multi-factor authentication (MFA) section, click on "Manage MFA" again.
  8. Click on the "Attach MFA device" button.
  9. Associate the activated MFA device with the root user account by following the on-screen instructions.
  10. Once the MFA device is successfully attached, you have enabled MFA for the IAM root user.

Additional Notes:

  • Make sure to securely store the Access Key ID and Secret Access Key for the newly created user in a safe location, such as AWS Secrets Manager or a password manager tool.
  • Periodically review and update MFA settings to comply with any specific requirements of GxP 21 CFR Part 11.