CRED-CLUB/DIAL

No support for CheckMFA in IAM Event Handler

Closed this issue · 1 comments

VisheshBansal commented

Hi Team,
Currently DIAL doesn't support the case for CheckMfa for IAM Users. I have attached the event for this, redacting any confidential details.

{
    "eventVersion": "1.08",
    "userIdentity": {
        "type": "IAMUser",
        "principalId": "OMITTED_FOR_PRIVACY",
        "accountId": "OMITTED_FOR_PRIVACY",
        "accessKeyId": "",
        "userName": "user@example.com"
    },
    "eventTime": "2022-08-22T09:58:16Z",
    "eventSource": "signin.amazonaws.com",
    "eventName": "CheckMfa",
    "awsRegion": "ap-south-1",
    "sourceIPAddress": "1.2.3.4",
    "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36",
    "requestParameters": null,
    "responseElements": {
        "CheckMfa": "Success"
    },
    "additionalEventData": {
        "MfaType": "Virtual MFA"
    },
    "eventID": "SOME_EVENT_ID",
    "readOnly": false,
    "eventType": "AwsConsoleSignIn",
    "managementEvent": true,
    "recipientAccountId": "OMITTED_FOR_PRIVACY",
    "eventCategory": "Management",
    "tlsDetails": {
        "tlsVersion": "TLSv1.2",
        "cipherSuite": "ECDHE-RSA-AES128-GCM-SHA256",
        "clientProvidedHostHeader": "ap-south-1.signin.aws.amazon.com"
    }
}
VisheshBansal commented

Hi @groovyBugify @HarshVaragiya , could you have a look into the same?

Thanks!