IAM Root User MFA Enabled Rule

This rule ensures that MFA is enabled for the IAM root user as a security measure.

Rule: IAM root user MFA should be enabled
Framework: NIST 800-53 Revision 5
Severity: Medium

Rule Description

The IAM root user MFA (Multi-factor Authentication) should be enabled to comply with the security requirement specified in NIST (National Institute of Standards and Technology) 800-53 Revision 5. This rule ensures an additional layer of security for the root user of the AWS account, reducing the risk of unauthorized access and potential security breaches.

Troubleshooting Steps

If MFA is not enabled for the IAM root user, follow these troubleshooting steps:

  1. Ensure you have administrative access to the AWS Management Console.

  2. Log in to the AWS Management Console using the root user credentials.

  3. Go to the IAM service by searching for "IAM" in the AWS Management Console search bar.

  4. Once in the IAM service, navigate to the "Users" section.

  5. Locate the root user in the user list and select it.

  6. Click on the "Security credentials" tab.

  7. Under "Multi-factor authentication (MFA)", check if MFA is already enabled. If it is not, proceed to the next step.

  8. Click on the "Manage" button next to "Assigned MFA device".

  9. Follow the on-screen instructions to configure and activate an MFA device for the root user. This can be a virtual MFA device (such as Google Authenticator) or a hardware MFA device.

  10. Once the MFA device is set up and activated, click on "Assign MFA device" to complete the process.

  11. Verify that MFA is now enabled for the root user by checking the "Multi-factor authentication (MFA)" section.

Necessary Code

There is no specific code required to enable MFA for the IAM root user. The process can be completed through the AWS Management Console as described in the troubleshooting steps.

Remediation Steps

To enable MFA for the IAM root user, follow these steps:

  1. Log in to the AWS Management Console using the root user credentials.

  2. Go to the IAM service by searching for "IAM" in the AWS Management Console search bar.

  3. Once in the IAM service, navigate to the "Users" section.

  4. Locate the root user in the user list and select it.

  5. Click on the "Security credentials" tab.

  6. Under "Multi-factor authentication (MFA)", check if MFA is already enabled. If it is not, proceed to the next step.

  7. Click on the "Manage" button next to "Assigned MFA device".

  8. Follow the on-screen instructions to configure and activate an MFA device for the root user. This can be a virtual MFA device (such as Google Authenticator) or a hardware MFA device.

  9. Once the MFA device is set up and activated, click on "Assign MFA device" to complete the process.

  10. Verify that MFA is now enabled for the root user by checking the "Multi-factor authentication (MFA)" section.

By following these steps, you have successfully enabled MFA for the IAM root user, ensuring compliance with the NIST 800-53 Revision 5 security requirement.
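
The final verification step can also be scripted, which is useful for auditing many accounts. The following Python is an added example, not code from this page or from AWS: it checks (it does not enable) root MFA by evaluating the AccountMFAEnabled field of the IAM account summary together with the <root_account> row of the IAM credential report. The sample data is constructed, and the function names and the PASS/FAIL/INCONCLUSIVE labels are assumptions of the example.

```python
import csv
import io
import time

ROOT_ROW = "<root_account>"  # user name of the root row in the IAM credential report

# Constructed sample inputs (not real account data); the report is trimmed to the columns used.
SAMPLE_SUMMARY = {"AccountMFAEnabled": 0, "Users": 3}
SAMPLE_REPORT = (
    "user,arn,password_enabled,mfa_active\n"
    "<root_account>,arn:aws:iam::123456789012:root,not_supported,false\n"
    "alice,arn:aws:iam::123456789012:user/alice,true,true\n"
)

def root_mfa_from_summary(summary_map):
    """GetAccountSummary reports AccountMFAEnabled as 1 when the root user has MFA."""
    return summary_map.get("AccountMFAEnabled") == 1

def root_mfa_from_report(report_csv):
    """Read mfa_active from the root row; None when the report has no root row."""
    text = report_csv.decode("utf-8") if isinstance(report_csv, bytes) else report_csv
    for row in csv.DictReader(io.StringIO(text)):
        if row.get("user") == ROOT_ROW:
            return (row.get("mfa_active") or "").strip().lower() == "true"
    return None

def evaluate_rule(summary_map, report_csv):
    """PASS only when both sources agree MFA is on; FAIL when both say off.
    Disagreement (the report can be a cached copy) or a missing root row is INCONCLUSIVE."""
    summary, report = root_mfa_from_summary(summary_map), root_mfa_from_report(report_csv)
    if report is None or summary != report:
        return "INCONCLUSIVE"
    return "PASS" if summary else "FAIL"

def fetch_live():
    """Fetch both inputs from AWS. Assumes boto3 is installed and the caller may call
    iam:GetAccountSummary, iam:GenerateCredentialReport and iam:GetCredentialReport."""
    import boto3  # imported here so the offline sample run needs no AWS SDK
    iam = boto3.client("iam")
    while iam.generate_credential_report()["State"] != "COMPLETE":
        time.sleep(2)  # report generation is asynchronous
    return iam.get_account_summary()["SummaryMap"], iam.get_credential_report()["Content"]

if __name__ == "__main__":
    print(evaluate_rule(SAMPLE_SUMMARY, SAMPLE_REPORT))  # prints FAIL for the sample data
```

To check a live account, pass the two values returned by fetch_live() to evaluate_rule(); an INCONCLUSIVE result shortly after enabling MFA usually means the credential report has not been regenerated yet.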
