This rule specifies that IAM users with console access must have MFA enabled for added security.
Rule: IAM users with console access should have MFA enabled
Framework: NIST 800-53 Revision 5
Severity: High
Rule Description:
This rule requires that IAM users with console access have Multi-Factor Authentication (MFA) enabled in order to comply with the security standards outlined in the National Institute of Standards and Technology (NIST) 800-53 Revision 5.
Troubleshooting Steps:
If an IAM user does not have MFA enabled, follow the troubleshooting steps below to remedy the issue:
Verify MFA configuration:
Enable MFA for IAM user:
Test MFA functionality:
Necessary Code:
There's no specific code required for this rule. However, you can use the AWS Command Line Interface (CLI) to enable MFA for an IAM user if necessary.
Step-by-Step Guide for Remedy:
Follow the step-by-step guide below to enable MFA for an IAM user:
Install and configure the AWS CLI (if not already installed). Refer to the AWS CLI documentation for instructions specific to your operating system.
Open the command line or terminal application.
Run the following command to enable MFA for the IAM user:
aws iam enable-mfa-device --user-name <IAM_USERNAME> --serial-number <MFA_DEVICE_SERIAL_NUMBER> --authentication-code1 <FIRST_AUTHENTICATION_CODE> --authentication-code2 <SECOND_AUTHENTICATION_CODE>
Replace <IAM_USERNAME> with the username of the IAM user, <MFA_DEVICE_SERIAL_NUMBER> with the serial number of the MFA device associated with the user, and <FIRST_AUTHENTICATION_CODE> and <SECOND_AUTHENTICATION_CODE> with the current MFA authentication codes from the user's device.
Verify that the command executed successfully and returned the expected output.
Test the MFA functionality by signing in as the IAM user and providing the MFA code when prompted.
Repeat these steps for each IAM user that requires MFA enablement.
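To find the users that still need this remediation (and to verify afterwards that none remain), the IAM credential report lists every user with a password_enabled and an mfa_active column. The script below is an added example, not part of this rule page or of any AWS tool: it parses a constructed sample report, flags users that have a console password but no active MFA, skips the root row (which the rule does not cover), and includes a helper that pulls the live report with boto3 when AWS credentials are available.

```python
"""Detect IAM users with console access but no MFA, from the IAM credential report."""
import csv
import io

# Constructed sample credential report (not real account data). Only a subset
# of the real report's columns is included; the parser looks fields up by name.
SAMPLE_REPORT = """user,arn,user_creation_time,password_enabled,password_last_used,mfa_active
<root_account>,arn:aws:iam::123456789012:root,2020-01-01T00:00:00+00:00,not_supported,2024-01-01T00:00:00+00:00,true
alice,arn:aws:iam::123456789012:user/alice,2021-03-04T00:00:00+00:00,true,2024-05-01T12:00:00+00:00,true
bob,arn:aws:iam::123456789012:user/bob,2021-03-04T00:00:00+00:00,true,no_information,false
svc-deploy,arn:aws:iam::123456789012:user/svc-deploy,2022-06-10T00:00:00+00:00,false,N/A,false
"""


def noncompliant_users(report_csv: str) -> list:
    """Return usernames that have a console password but no active MFA device.

    The rule targets IAM users only: the root row (user "<root_account>") reports
    password_enabled = "not_supported" and is skipped. Users without console
    access (password_enabled = "false") are not in scope and are not flagged.
    """
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        if row["user"] == "<root_account>":
            continue
        console_access = row["password_enabled"].strip().lower() == "true"
        mfa_active = row["mfa_active"].strip().lower() == "true"
        if console_access and not mfa_active:
            findings.append(row["user"])
    return findings


def fetch_credential_report() -> str:
    """Download the live credential report with boto3 (needs AWS credentials).

    generate_credential_report is asynchronous; poll until the state is COMPLETE.
    """
    import time
    import boto3  # imported lazily so the offline parser runs without it

    iam = boto3.client("iam")
    while iam.generate_credential_report()["State"] != "COMPLETE":
        time.sleep(2)
    return iam.get_credential_report()["Content"].decode("utf-8")


if __name__ == "__main__":
    for user in noncompliant_users(SAMPLE_REPORT):
        print(f"NON-COMPLIANT: {user} has console access without MFA")
```

Swap SAMPLE_REPORT for fetch_credential_report() to run the check against a real account; an empty result means every console user is covered by this rule.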
Conclusion:
Enabling MFA for IAM users with console access ensures an additional layer of security, aligning with the NIST 800-53 Revision 5 requirements. By following the troubleshooting steps and the provided guide for remediation, you can comply with this rule and enhance the overall security posture of your AWS environment.