CCI-MOC / ops-issues


Add MFA to AWS accounts by May 16, 2024 #1296

Closed msdisme closed 5 months ago

msdisme commented 5 months ago

Hello,

Beginning May 16, 2024, AWS will require multi-factor authentication (MFA) for the root user of your AWS Organizations management account when accessing the AWS Console. MFA is one of the simplest and most effective mechanisms to enhance the security of your accounts, and can be configured at no additional cost.

Although MFA will be required for your account beginning May 16, 2024, we strongly recommend that you enable MFA now if you have not already done so to add another layer of protection for your account. Since the management account is key to privileged administrative tasks for other accounts in your AWS organization, such as account management, policies, integration with other AWS services, and consolidated billing, it is especially important to secure its root user with MFA. For more information about this change, you can review the blog we published about enhancing our customers’ default security posture on October 3, 2023 [1].

How can I enable MFA on my management account?

You can enable MFA on your management account at any time by visiting the “Security Credentials” page, which is available in the top right account menu drop-down in the AWS Management Console. We support multiple industry standard forms of MFA, such as FIDO2 and virtual authenticators, to give you flexibility to choose an MFA device that meets your needs. We also recommend that you register more than one MFA device for resiliency, in the event one of your MFA devices is lost or stops working.

Please refer to our AWS IAM User Guide for additional information about how to enable MFA [2].

What happens if I do not enable MFA?

If you do not enable MFA for the root user of this account before May 16, 2024, you may be unable to access the AWS Console until you enable MFA. MFA is an important security control and one of our AWS IAM Security best practices, and we strongly encourage you to enable MFA now to add an additional layer of protection to your AWS Organizations management account.

If you have any questions or concerns, please reach out to AWS Support [3] or your Technical Account Manager.

[1] https://aws.amazon.com/blogs/security/security-by-design-aws-to-enhance-mfa-requirements-in-2024/

[2] https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable-overview.html

[3] https://aws.amazon.com/support

Sincerely, Amazon Web Services

Amazon Web Services, Inc. is a subsidiary of Amazon.com, Inc. Amazon.com is a registered trademark of Amazon.com, Inc. This message was produced and distributed by Amazon Web Services Inc., 410 Terry Ave. North, Seattle, WA 98109-5210


Reference: https://health.aws.amazon.com/health/home?region=us-east-1#/event-log?eventID=arn:aws:health:global::event/ACCOUNT/AWS_ACCOUNT_NOTIFICATION/AWS_ACCOUNT_NOTIFICATION_ffd74e2f20fb212ca35aaaf08fde30b581b6f62a2cf756b518e55da992fabedf&eventTab=details

msdisme commented 5 months ago

Assigned to root, saved in Bitwarden

msdisme commented 5 months ago

also assigned to iam.