turbot/alicloud_compliance

Query: ram_root_account_mfa_enabled

Usage

powerpipe query alicloud_compliance.query.ram_root_account_mfa_enabled

SQL

select
'acs:ram::' || account_id || ':user/' || user_name as resource,
case
when mfa_active then 'ok'
else 'alarm'
end as status,
case
when mfa_active then user_name || ' MFA enabled.'
else user_name || ' MFA not enabled.'
end as reason,
account_id as account_id
from
alicloud_ram_credential_report
where
user_name = '<root>';

Controls

The query is being used by the following controls: