This topic describes the managed rule that is related to Resource Access Management (RAM) and the methods to fix non-compliance issues.
ram-user-mfa-check
Checks whether multi-factor authentication (MFA) is enabled for a RAM user of your account.
Trigger type: configuration change
Applicable resource type: ACS::RAM::User
Input parameter: none
- RAM Console
For information about how to enable MFA in the RAM console, see Enable an MFA device for a RAM user.
- API
You can also call the UpdateLoginProfile API operation. To enable MFA for the RAM user, set MFABindRequired to true. For more information, see UpdateLoginProfile.