"User without MFA" in AWS GovCloud not working

[ikspozd]

The IAM finding called "User without MFA" is not working in AWS GovCloud.

The command aws iam list-mfa-devices --user-name Bob returns the following:

{ "MFADevices": [] }

This output means the user does not have a virtual MFA enabled. However, the ScoutSuite report doesn't report that Bob is missing MFA under the "User without MFA" finding and instead shows that finding as "Good" or in green.