1 Answer
- Newest
- Most votes
- Most comments
0
Hi Martin,
One way to overcome this is to create an OU which is only used to house new accounts temporarily. This OU should not have the Disallow Actions as a Root User
guardrail enabled, allowing your platform team to login and activate MFA. Then the account is ready to move to it's actual intended OU, which does have the Disallow Actions as a Root User
enabled. Not a perfect solution, but it is one that I have seen with other customers.
Hope this helps!
answered 2 years ago
Relevant content
- Accepted Answerasked 3 months ago
- asked 2 years ago
- AWS OFFICIALUpdated 2 years ago
- AWS OFFICIALUpdated a month ago
- AWS OFFICIALUpdated a year ago