- Mais recentes
- Mais votos
- Mais comentários
As far as I know, currently, you cannot pass MFA status from the Identity Center requirement to the 'Permission Set' created in an account from the IAM IC Service. You will need to require MFA on our IAM IC Users and assume that access to the account was provided only because the user could log in and access the account through Identity Center. The users in IC are not users presented to your member account(s). The access is granted through an assumed Role. This is something the SSO/IC team had been working on but I do not think is released yet. Long and short, that Bool Condition will only work on individual IAM users on a per member account basis.
Hi,
By default, all requests are implicitly denied with the exception of the AWS account root user, which has full access.
Can you try to create an Allow policy with aws:MultiFactorAuthPresent: 'true'
Best regards,
Ricardo Makino
Conteúdo relevante
- AWS OFICIALAtualizada há 2 anos
- Como utilizar um token de MFA para autenticar o acesso aos meus recursos da AWS por meio da AWS CLI?AWS OFICIALAtualizada há 2 anos
- AWS OFICIALAtualizada há 2 anos