top of page

IAM.6

Hardware MFA should be enabled for the root user

Severity

Cloud Platforms

Resources

Related Standards

Automated

CRITICAL

AWS

AWS Identity and Access Management

AWS CIS Foundations v1.2 & v1.4, AWS Foundational Best Practice, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

This AWS control checks whether your AWS account is enabled to use a hardware multi-factor authentication (MFA) device to sign in with root user credentials.

bottom of page