How to check if MFA is allowed for root account in AWS using boto?

Question

How to check if MFA is allowed for root account in AWS using boto?

I am working on a trusted advisor and should check if MFA is enabled for the root level? Its in the Security section of the Trusted Advisor panel. I work in Python using Boto.

+4

python api amazon-web-services boto

upaang saxena Mar 30 '15 at 6:20

source share

1 answer

garnaat · Accepted Answer · 2015-03-30T11:08:31+0000

You would use an API call GetAccountSummaryin IAM, which is available as a method call get_account_summaryin boto.iam.IAMConnection.

import boto.iam
conn = boto.iam.connect_to_region('us-east-1')
summary = conn.get_account_summary()

This returns a Python dictionary containing a lot of information about your account. In particular, to find out if MFA is enabled,

if summary['AccountMFAEnabled']:
    # MFA is enabled
else:
    # MFA is not enabled

How to check if MFA is allowed for root account in AWS using boto?

More articles: