AWS_IAM_37

Ensure all Cross-Account Access roles have External ID and MFA enabled

Description

Ensure that Amazon IAM roles used to establish a trusted relationship between your AWS account and a third-party entity (also known as cross-account access roles) use Multi-Factor Authentication (MFA) or external IDs to secure access to your resources.

Remediation

1. Sign in to the AWS Management Console.

2. Navigate to the IAM dashboard.

3. In the left navigation panel, choose Roles.

4. Click on the name (link) of the cross-account IAM role that you want to reconfigure.

5. On the Summary page, select the Trust relationships tab and click the Edit trust relationship button to initiate the update process.

6. On the Edit trust relationship page, add one of the following blocks to the existing policy:

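An added example, not part of the original check or any vendor's code: a Python audit of a role's trust policy for the condition this check looks for, treating either a `StringEquals` match on `sts:ExternalId` or `Bool` `aws:MultiFactorAuthPresent` set to `true` as sufficient. The function names, account IDs and external ID are assumptions constructed for illustration.

```python
def _as_list(value):
    return value if isinstance(value, list) else [value]

def _account(principal):
    # "arn:aws:iam::111122223333:root" -> "111122223333"; bare IDs and "*" pass through.
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def has_guard(condition):
    """True if a trust-policy Condition requires an external ID or MFA."""
    for operator, keys in condition.items():
        for key, value in keys.items():
            k, vals = key.lower(), [str(v).lower() for v in _as_list(value)]
            if operator == "StringEquals" and k == "sts:externalid" and vals and all(vals):
                return True
            # BoolIfExists is rejected: it also matches when the MFA key is absent.
            if operator == "Bool" and k == "aws:multifactorauthpresent" and vals == ["true"]:
                return True
    return False

def unguarded_statements(trust_policy, own_account_id):
    """Sids (or indexes) of cross-account sts:AssumeRole grants with no guard."""
    findings = []
    for index, stmt in enumerate(_as_list(trust_policy["Statement"])):
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        if stmt.get("Effect") != "Allow" or "sts:assumerole" not in actions:
            continue
        principal = stmt.get("Principal", {})
        aws = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
        foreign = [p for p in aws if _account(p) != own_account_id]
        if foreign and not has_guard(stmt.get("Condition", {})):
            findings.append(stmt.get("Sid", index))
    return findings

def _stmt(sid, principal, condition=None):
    stmt = {"Sid": sid, "Effect": "Allow", "Action": "sts:AssumeRole",
            "Principal": {"AWS": principal}}
    if condition:
        stmt["Condition"] = condition
    return stmt

# Constructed sample; account IDs and the external ID are placeholders.
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    _stmt("VendorExternalId", "arn:aws:iam::111122223333:root",
          {"StringEquals": {"sts:ExternalId": "example-external-id"}}),
    _stmt("PartnerMfa", "444455556666", {"Bool": {"aws:MultiFactorAuthPresent": "true"}}),
    _stmt("VendorNoCondition", "arn:aws:iam::777788889999:root"),
    _stmt("PartnerWeakMfa", "arn:aws:iam::444455556666:user/ops",
          {"BoolIfExists": {"aws:MultiFactorAuthPresent": "true"}}),
    _stmt("SameAccount", "arn:aws:iam::123456789012:root"),
]}
```

Calling `unguarded_statements(SAMPLE_POLICY, "123456789012")` reports the two statements that would fail this check: the one with no condition and the one using `BoolIfExists`.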

Service

IAM

Severity

Medium

Compliance

Mapping
