Explanation:
Creating a custom AWS Config rule allows for a specific check on IAM users for MFA device association, ensuring compliance with the new regulatory requirement. This approach provides automated monitoring and reporting capabilities.
Ultimate access to all questions.
No comments yet.
You have been asked to assess the compliance of your AWS environment against a new regulatory requirement that mandates the use of multi-factor authentication (MFA) for all IAM users. How would you use AWS Config to monitor and report on the compliance of IAM users with this requirement?
A
Create a custom AWS Config rule to check for MFA devices associated with each IAM user.
B
Use the built-in AWS Config rule 'iam-user-mfa-enabled' to monitor compliance.
C
Manually check each IAM user for MFA device association.
D
Disable all IAM user access until MFA devices are configured.