Ensure console users have MFA enabled

All users that have access to the AWS console should have MFA enabled. For this reason it is considered a security best practice to ensure the account is not used and monitor its usage. Ensuring that the root account is not used will help you with CIS and NIST Compliance.

Audit & Remediation

  • Login into your AWS account.
  • Navigate to the IAM service at: https://console.aws.amazon.com/iam
  • On the left hand panel, navigate to Access reports, the select Credential report.
  • Select the button Download Report.
  • Open up the excel spreadsheet that was downloaded and filter on password_enabled set to true and mfa_enabled set to false.



  • Contact each end user and inform them to create an MFA for their account.
  • Repeat the outlined steps in each of your accounts.
See all of your AWS EC2 Instances in a single place!

Do you want to see all of your AWS EC2 Instances in once place for all regions and all accounts?
Login to our online demo to see exactly what this looks like.


Other Key Features


Consolidate your inventory management with consistent and frequent security logs, inventories, and change logs. Dashboard reporting for extensive analytical value.

learn more +

Cost & Usage

Access consolidated capacity, cost, and volume tools in a scaling environment without impacting production or breaking the bank.

learn more +