VirtualMFADevice

The VirtualMFADevice resource allows you to create and manage AWS IAM Virtual MFA Devices. Virtual MFA devices provide an additional layer of security for your AWS resources by requiring a second form of authentication.

Minimal Example

Create a basic Virtual MFA Device for a specified user:

import AWS from "alchemy/aws/control";

const virtualMfaDevice = await AWS.IAM.VirtualMFADevice("myVirtualMfaDevice", {
  VirtualMfaDeviceName: "MyVirtualMFADevice",
  Users: ["user@example.com"],
  Path: "/mfa/",
  Tags: [
    {
      Key: "Purpose",
      Value: "MFA for user authentication"
    }
  ]
});

Advanced Configuration

Configure a Virtual MFA Device with additional properties for more control:

const advancedMfaDevice = await AWS.IAM.VirtualMFADevice("advancedVirtualMfaDevice", {
  VirtualMfaDeviceName: "AdvancedVirtualMFADevice",
  Users: ["admin@example.com"],
  Path: "/admin/mfa/",
  Tags: [
    {
      Key: "Environment",
      Value: "Production"
    },
    {
      Key: "SecurityLevel",
      Value: "High"
    }
  ],
  adopt: true // Adopt existing resource if it already exists
});

Use Case: Multiple Users

Create a Virtual MFA Device for multiple users to enhance security in a team environment:

const teamMfaDevice = await AWS.IAM.VirtualMFADevice("teamVirtualMfaDevice", {
  VirtualMfaDeviceName: "TeamVirtualMFADevice",
  Users: [
    "developer1@example.com",
    "developer2@example.com",
    "developer3@example.com"
  ],
  Path: "/team/mfa/",
  Tags: [
    {
      Key: "Team",
      Value: "Development"
    }
  ]
});

Use Case: MFA Device with Specific Path

Create a Virtual MFA Device with a specific path to categorize it under a certain hierarchy:

const categorizedMfaDevice = await AWS.IAM.VirtualMFADevice("categorizedVirtualMfaDevice", {
  VirtualMfaDeviceName: "CategorizedVirtualMFADevice",
  Users: ["user@example.com"],
  Path: "/specific/path/",
  Tags: [
    {
      Key: "Category",
      Value: "User Security"
    }
  ]
});