RAM User MFA Enabled

ID: rule:aliyun:ram-user-mfa-check
Severity: high
IaC Types: ROS, Terraform

Description

RAM users with console access should have multi-factor authentication (MFA) enabled.

Reason for Violation

RAM users without MFA are vulnerable to password compromise, posing a significant security risk.

Recommendation

Set mfa_bind_required to true on the alicloud_ram_login_profile resource.
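The recommendation as a Terraform configuration, showing a non-compliant login profile next to a compliant one. This is an added example, not taken from the rule's own documentation; the user names and the console_password variable are assumptions made for illustration.

```hcl
# Constructed example: names and the variable below are illustrative placeholders.
variable "console_password" {
  type      = string
  sensitive = true
}

resource "alicloud_ram_user" "weak_example" {
  name = "example-user-no-mfa"
}

resource "alicloud_ram_user" "hardened_example" {
  name = "example-user-mfa"
}

# Non-compliant: console access is granted, but the user is not
# required to bind an MFA device, so the password is the only factor.
resource "alicloud_ram_login_profile" "weak_example" {
  user_name         = alicloud_ram_user.weak_example.name
  password          = var.console_password
  mfa_bind_required = false
}

# Compliant: the user must bind an MFA device in order to log in
# to the console.
resource "alicloud_ram_login_profile" "hardened_example" {
  user_name               = alicloud_ram_user.hardened_example.name
  password                = var.console_password
  password_reset_required = true
  mfa_bind_required       = true
}
```

Setting mfa_bind_required explicitly on every alicloud_ram_login_profile keeps the intent visible in code review instead of relying on a provider default.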

Resource Types

  • ROS: ALIYUN::RAM::User
  • Terraform: alicloud_ram_login_profile