cartography icon indicating copy to clipboard operation
cartography copied to clipboard
verified publisher icon lyft

AWS IAM get_account_summary

Open achantavy opened this issue 3 months ago • 2 comments

Description

Describe your idea. Please be detailed. If a feature request, please describe the desired behavior, what scenario it enables, and how it would be used.

We should audit AWS IAM get_account_summary so that we monitor whether the root account has MFA enabled.

Motivation

Why is this feature needed? What problem does it solve or opportunity does it unlock?

This is an important compliance check.

Alternatives Considered

List other approaches or ideas considered, and why they were not chosen.

Could also do this with generate_credential_report + get_credential_report, but this way requires polling.

Relevant Links

Any extra documentation required to understand the issue.

achantavy avatar Sep 08 '25 05:09 achantavy

Hi, I would like to work on this issue!

krishi-agrawal avatar Sep 09 '25 04:09 krishi-agrawal

@krishi-agrawal - no need to ask for permission, just do it haha.

The one tricky part is we need to represent the root user of the account as its own node and then we need to add an attribute to it to indicate whether it has MFA enabled

achantavy avatar Sep 09 '25 05:09 achantavy