In AWS IAM, which of the following predefined policy condition keys checks how long ago (in seconds) the MFA-validated security credentials making the request were issued using multi- factor authentication (MFA)?

By:
In: SAP-C01
Tagged:
With: 1 Comment

In AWS IAM, which of the following predefined policy condition keys checks how long ago (in seconds) the MFA-validated security credentials making the request were issued using multi- factor authentication (MFA)?

aws:MultiFactorAuthAge

aws:MultiFactorAuthLast

aws:MFAAge

aws:MultiFactorAuthPrevious

Explanations:

aws:MultiFactorAuthAgeis the correct condition key that checks the age (in seconds) of MFA authentication.

aws:MultiFactorAuthLastis not a valid AWS IAM condition key.

aws:MFAAgeis not a recognized AWS IAM condition key.

aws:MultiFactorAuthPreviousis not a valid AWS IAM condition key.

2025-10-18

1 Comment

  1. Samuel
    Author

    As I recall, the answer is:
    aws:MultiFactorAuthAge

Leave a Reply

Your email address will not be published. Required fields are marked *

five × two =