AWS > IAM >

Cross-Account Access External ID and MFA

MEDIUM

Source

CloudSploit

cross-account-access-external-id-and-mfa

management console

Cross-Account Access External ID and MFA

Ensures that either MFA or external IDs are used to access AWS roles.

IAM roles should be configured to require either a shared external ID or use an MFA device when assuming the role.

Recommended Actions

Update the IAM role to either require MFA or use an external ID.

Links

https://aws.amazon.com/blogs/aws/mfa-protection-for-cross-account-access/

Aqua Container Security

Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.