top of page

IAM.9

Virtual MFA should be enabled for the root user

Severity

Cloud Platforms

Resources

Related Standards

Automated

CRITICAL

AWS

AWS Identity and Access Management

AWS CIS Foundations v1.2 & v1.4, AWS Well-Architected, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST.800-53.r5,

This AWS control checks whether users of your AWS account require a multi-factor authentication (MFA) device to sign in with root user credentials.

bottom of page