Determine if MFA is enabled, access keys are disabled, and other recommended settings are in place.
Securing the AWS root account(s) is the single most important baseline security control. Anyone logging into the root account has complete control over the cloud deployment and it can be difficult, if not impossible, to regain control. This Op analyzes root account security. It determines if MFA is enabled, access keys are disabled, and other recommended settings are in place. It will recommend hardware MFA if virtual is detected.
Supported Issue Types:
- Root account without MFA detected
- Root account with virtual MFA detected
- Root account with access keys detected
- Notify only. AWS does not allow API management of the root account.
We spend a lot of time talking to cloud security professionals, basically trying to figure out the best ways to get their jobs done in largely uncharted territory. Cloud technology is evolving at an unprecedented [...]
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account. Your best bet to make [...]