Require MFA on all AWS accounts (#26)

aws/iam/audit.tf

@@ -16,4 +16,5 @@ module "organization_access_group_audit" {
   name              = "admin"
   user_names        = ["${var.audit_account_user_names}"]
   member_account_id = "${var.audit_account_id}"
+  require_mfa       = "true"
 }

aws/iam/dev.tf

@@ -16,4 +16,5 @@ module "organization_access_group_dev" {
   name              = "admin"
   user_names        = ["${var.dev_account_user_names}"]
   member_account_id = "${var.dev_account_id}"
+  require_mfa       = "true"
 }

aws/iam/prod.tf

@@ -16,4 +16,5 @@ module "organization_access_group_prod" {
   name              = "admin"
   user_names        = ["${var.prod_account_user_names}"]
   member_account_id = "${var.prod_account_id}"
+  require_mfa       = "true"
 }

aws/iam/staging.tf

@@ -16,4 +16,5 @@ module "organization_access_group_staging" {
   name              = "admin"
   user_names        = ["${var.staging_account_user_names}"]
   member_account_id = "${var.staging_account_id}"
+  require_mfa       = "true"
 }

aws/iam/testing.tf

@@ -8,12 +8,13 @@ variable "testing_account_user_names" {
   description = "IAM user names to grant access to Testing account"
 }
 
-# Provision group access to testing account. Careful! Very few people, if any should have access to this account.
+# Provision group access to testing account
 module "organization_access_group_testing" {
   source            = "git::https://github.com/cloudposse/terraform-aws-organization-access-group.git?ref=tags/0.1.2"
   namespace         = "${var.namespace}"
   stage             = "testing"
   name              = "admin"
   user_names        = ["${var.testing_account_user_names}"]
   member_account_id = "${var.testing_account_id}"
+  require_mfa       = "true"
 }