top of page
IAM.6
Hardware MFA should be enabled for the root user
Severity
Cloud Platforms
Resources
Related Standards
Automated
CRITICAL
AWS
AWS Identity and Access Management
AWS CIS Foundations v1.2 & v1.4, AWS Foundational Best Practice, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
This AWS control checks whether your AWS account is enabled to use a hardware multi-factor authentication (MFA) device to sign in with root user credentials.
bottom of page