IAM users with access to your AWS infrastructure without the multi-factor authentication represent a significant security risk. If you need to audit and report on MFA adoption across all your AWS accounts, here’s a simple PostgreSQL query to do so:
SELECT user_name, arn, create_date, user_id, tags
FROM aws_iam_users AS u
WHERE u.user_name NOT IN
(SELECT user_name FROM aws_iam_mfa_devices)