If this monitor returns no data, it's often due to the absence of users with password-based access. This monitor filters out service accounts and only includes users where password_enabled = true.
🔍 Why This Happens
The monitor Cloud IAM | Users Configuration of MFA only returns data for IAM users who have:
-
Console access
-
A password set
If no such users exist, the monitor will return no results.
Service accounts and programmatic-only users are excluded.
✅ What You Need to Do
To begin seeing data, ensure you have at least one IAM user with console access and a password. You can either:
➕ Option 1: Create a New IAM User with a Password
-
Open the IAM Console
-
Click “Add user”
-
Enter a username
-
Under Access type, select “AWS Management Console access”
-
Choose an autogenerated or custom password
-
Set appropriate permissions or assign the user to a group
-
Review the settings and create the user
-
Share credentials so the user can log in
🔧 Option 2: Enable Password for an Existing IAM User
-
Open the IAM Console
-
Go to Users and select the existing user
-
Click the “Security credentials” tab
-
In the Console password section, click “Manage”
-
Assign a custom password and optionally require a reset
-
Save changes
📌 Reminder: Once you’ve added a password-enabled user, the monitor will begin returning data automatically.