Ensure Alibaba Cloud RAM enforces MFA
Error: Alibaba Cloud RAM does not enforce MFA
Bridgecrew Policy ID: BC_ALI_IAM_10
Checkov Check ID: CKV_ALI_24
Severity: LOW
Alibaba Cloud RAM does not enforce MFA
Description
Enforcing MFA helps protect your data from unauthorized access or tampering by requiring users to provide additional verification before accessing resources. By enabling MFA, you can help ensure that only authorized users with the correct credentials can access your resources.
Fix - Runtime
Fix - Buildtime
Terraform
resource "alicloud_ram_security_preference" "pass" {
enable_save_mfa_ticket = false
allow_user_to_change_password = true
enforce_mfa_for_login = true
}
Updated 9 months ago