πΌ 1 Identity and access management controls would ideally ensure access to information assets is only granted where a valid business need exists, and only for as long as access is required. Access is typically granted to users, special purpose system accounts, and information assets such as services and other software.
- Contextual name: πΌ 1 Identity and access management controls would ideally ensure access to information assets is only granted where a valid business need exists, and only for as long as access is required. Access is typically granted to users, special purpose system accounts, and information assets such as services and other software.
- ID:
/frameworks/apra-cpg-234/c/1 - Located in: πΌ Attachment C - Identity and access
Descriptionβ
Empty...
Similarβ
- Internal
- ID:
dec-c-f430a199
- ID:
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (3)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS EC2 Instance IAM role is not attached π’ | 1 | π’ x6 |
| π AWS IAM User has inline or directly attached policies π’ | 1 | π x1, π’ x5 |
| π Azure Key Vault Role Based Access Control is not enabled π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-6c93750d | 1 | |
| βοΈ dec-x-4157c58a | 1 | |
| βοΈ dec-x-c8041456 | 1 |