Identify and manage IAM users and AWS cross-account roles without MFA.
Multi-factor authentication (MFA) is absolutely critical for authenticating access to cloud providers. MFA is mandatory for any level of privileged user access, which is essentially anyone with access to the AWS console. This Op identifies users, and where possible roles, that do not have MFA required. It can then add the MFA requirement using the most appropriate technique.
Supported Issue Types:
An IAM role needs MFA –
- The user _name_ does not have MFA required for access.
- The role _name_ appears to be used for cross account access and does not have MFA required.
- Require MFA and allow the user to manage their own device
- Require MFA to assume the role
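One way to check a role's trust policy for the cross-account issue above and add the "Require MFA to assume the role" condition, as an added example that is not the Op's own code. The account IDs, the sample policy and all function names are constructed for illustration, and only a plain `Bool` test on `aws:MultiFactorAuthPresent` is treated as requiring MFA.

```python
import copy
import re

OWN_ACCOUNT = "111122223333"  # constructed account IDs throughout
SAMPLE_TRUST_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Principal": {"Service": "ec2.amazonaws.com"}, "Action": "sts:AssumeRole"},
    {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::444455556666:root"}, "Action": "sts:AssumeRole"},
    {"Effect": "Allow", "Principal": {"AWS": ["arn:aws:iam::444455556666:user/auditor"]},
     "Action": "sts:AssumeRole", "Condition": {"Bool": {"aws:MultiFactorAuthPresent": "true"}}},
    {"Effect": "Allow", "Principal": {"AWS": "777788889999"}, "Action": "sts:AssumeRole",
     "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": "true"}}},
]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account_of(principal):
    """12-digit account ID named by an AWS principal, or None (for example '*')."""
    m = re.fullmatch(r"(\d{12})|arn:aws[\w-]*:(?:iam|sts)::(\d{12}):.+", principal)
    return (m.group(1) or m.group(2)) if m else None

def _requires_mfa(stmt):
    # Only a plain Bool test counts. BoolIfExists also passes when the key is
    # absent, as it is for requests signed with long-term access keys.
    for operator, tests in stmt.get("Condition", {}).items():
        for key, value in tests.items():
            if (operator.lower() == "bool" and key.lower() == "aws:multifactorauthpresent"
                    and [str(v).lower() for v in _as_list(value)] == ["true"]):
                return True
    return False

def cross_account_without_mfa(trust_policy, own_account):
    """Indexes of Allow statements that let another account assume the role without MFA."""
    hits = []
    for i, stmt in enumerate(_as_list(trust_policy["Statement"])):
        principal = stmt.get("Principal", {})
        aws = _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        actions = {a.lower() for a in _as_list(stmt.get("Action", []))}
        foreign = [p for p in aws if _account_of(p) != own_account]
        if (stmt.get("Effect") == "Allow" and foreign and not _requires_mfa(stmt)
                and actions & {"sts:assumerole", "sts:*", "*"}):
            hits.append(i)
    return hits

def require_mfa(trust_policy, own_account):
    """Copy of the policy with the MFA condition added to every flagged statement."""
    patched = copy.deepcopy(trust_policy)
    patched["Statement"] = _as_list(patched["Statement"])
    for i in cross_account_without_mfa(patched, own_account):
        conditions = patched["Statement"][i].setdefault("Condition", {})
        conditions.setdefault("Bool", {})["aws:MultiFactorAuthPresent"] = "true"
    return patched
```

The patched document is what would be written back as the role's trust policy; the service-principal statement and the statement that already requires MFA are left unchanged.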