IAM misconfigurations

User with Privilege Escalation Permissions without MFA

Description

User has roles which allows Privilege escalation, while the user does not have multi-factor authentication activated. If the user will be compromised, the entire account can be compromised
  • Recommended Mitigation

    Enable MFA for privileged escalation user.