By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

CLI command 'aws iam list-mfa-devices' does not return MFA devices belonging to the account root user

1

AWS CLI command aws iam list-mfa-devices does not appear to return MFA devices belonging to the account root user.

aws iam list-mfa-devices --user-name root
An error occurred (NoSuchEntity) when calling the ListMFADevices operation: The user with name root cannot be found.

However, CLI command aws iam list-virtual-mfa-devices does return virtual MFA devices belonging to the account root user.

Is this by design?

Thanks!

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
AWS Identity and Access ManagementAWS Command Line Interface
Language
English
Rachel
asked a year ago685 views
1 Answer
1
Accepted Answer

Yes, it is by design. Note that root is not an IAM user, which is why it cannot find the user. aws iam list-users does not list root in the results.

profile picture
EXPERT
bwhaley
answered a year ago
profile pictureAWS
EXPERT
kentrad
reviewed a year ago
  • Rachel
    a year ago

    Got it, thanks. Is there any way to see if a hardware MFA device is configured for the root account via the CLI?

  • bwhaley EXPERT
    a year ago

    Not to the best of my knowledge, unfortunately. The root user is configured in the console.

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content