Multi-factor authentication is hard to enforce in AWS, yet is it recommended through AWS Security best practices to have it enabled for all users. nOps allows you receive real time alerts when any of your users login to AWS console without MFA across all your projects.
Users Without MFA Rule
To enable the rule, simply go to the “Available nOps Rules” tab in nOps Rules and click on the “Users without MFA Check” rule.
Users without MFA summary
Once enabled, the rule will appear on the “Applied nOps Rules” tab with a count of all users that violates the rule.
Users without MFA Detail
Clicking on the rule in the “Applied nOps Rules” tab, you will be able to see, in detail, the users that do not have MFA enabled on their accounts.
Users without MFA Alerts
Once enabled, you can configure your nOps account to receive email, Slack, and/or Hipchat alerts, alerting you to when users enable their MFAs on the AWS console.