Cloud Guardrails best practice: Enable MFA on the Root Account

Configuration

Enable MFA on the Root Account

Enable multi-factor authentication on the root account with alerting.

Summary

Root login needs to be MFA's and you must alert when someone logs in with it. You can do this by monitoring / alerting through monitoring cloudtrail logs.

Applicable To

All AWS accounts

Resources

Root Account, AWS Account

Maturity

Low

Functions

Security

CSPS

AWS

Author

Mark Andersen

Additional Links

View on GitHub Contribute on GitHub

Back to Home