Ensure all AWS root accounts have MFA enabled

[Firefishy]

AWS requires root accounts to have MFA from May 16, 2024.

Ensure that all our accounts have MFA enabled on the root account and that the MFA secret is saved in our secrets store.

[Firefishy]

https://aws.amazon.com/blogs/security/security-by-design-aws-to-enhance-mfa-requirements-in-2024/

[Firefishy]

Documentation on how to enable: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_mfa_enable-overview.html

[Firefishy]

All servers face cold side correctly.

Our switches currently face rear of rack and have incorrect airflow (AFO, instead of AFI). Switching to AFI is ~£200 per switch.