{{ }} Substitute variables
Adjust the variable values according to your preference.
Policy Code
Referenced from: https://docs.aws.amazon.com/organizations/latest/userguide/orgs_manage_policies_scps_examples_general.html#example-scp-mfa
1{
2 "Version": "2012-10-17",
3 "Statement": [
4 {
5 "Effect": "Deny",
6 "Action": [
7 "ec2:StopInstances",
8 "ec2:TerminateInstances"
9 ],
10 "Resource": "*",
11 "Condition": {"BoolIfExists": {"aws:MultiFactorAuthPresent": false}}
12 }
13 ]
14}
DOC
Modify the list of actions you wish to enforce MFA on.