Checks/Aws/Test-IamUserMfaEnabledConsoleAccess.ps1
|
function Test-IamUserMfaEnabledConsoleAccess { <# .SYNOPSIS IAM user has MFA enabled for console access or no console password is set .DESCRIPTION **IAM users** that have a console password are expected to have **multi-factor authentication** enabled. The evaluation identifies users who can sign in to the AWS Management Console but do not have an active MFA device associated. .PARAMETER Check CIEMCheck object containing check metadata. #> [CmdletBinding()] [OutputType([PSCustomObject[]])] param( [Parameter(Mandatory)] [CIEMCheck]$Check ) $ErrorActionPreference = 'Stop' # TODO: Implement check logic based on Prowler check: iam_user_mfa_enabled_console_access [CIEMScanResult]::Create($Check, 'MANUAL', 'This check requires manual implementation. See Prowler check iam_user_mfa_enabled_console_access for reference.', 'N/A', 'iam Resources') } |