Clouds Without Protected Root Account

This bot inspects all configured cloud accounts for the presence of a global root account without MFA (multi-factor authentication) enabled. This is a shared account which cloud providers such as Amazon Web Services discourage using. Keeping this account enabled without MFA introduces security and compliance risks.

Severity

High

Resource Types Inspected

Organization Services (Cloud Accounts)

Reactive Hookpoints

resource.modified