💼 Role-Based Access Control (RBAC) Management

• Contextual name: 💼 Role-Based Access Control (RBAC) Management
• ID: /frameworks/cloudaware/identity-and-access-governance/rbac-management
• Located in: 💼 Identity & Access Governance

Description

Policies for identifying excessive or improperly configured access rights based on roles.

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (13)

Policy	Logic Count	Flags
📝 AWS EKS Cluster has node IAM role with AmazonEKS_CNI_Policy attached 🔴🟢	1	🔴 x1, 🟢 x6
📝 AWS EKS Cluster IAM OIDC provider is not created 🟢	1	🟢 x6
📝 AWS IAM Role unused 🟢	1	🟢 x6
📝 AWS Support Role is not created 🟢	1	🟢 x6
📝 Azure Privileged Role Assignments are not periodically reviewed 🟢		🟢 x3
📝 Azure Subscription Custom Subscription Administrator Roles exist 🟢	1	🟢 x6
📝 Azure Subscription Resource Lock Administrator Custom Role does not exist 🟢		🟢 x3
📝 Azure User Access Administrator Role has assignments 🟢	1	🟢 x6
📝 Google IAM Roles related to KMS are not assigned to separate users 🟢	1	🟢 x6
📝 Google IAM Service Account has admin privileges 🟢	1	🟢 x6
📝 Google IAM Users are assigned the Service Account User or Service Account Token Creator roles at Project level 🟢	1	🟢 x6
📝 Google User has both Service Account Admin and Service Account User roles assigned 🟢	1	🟢 x6
📝 Microsoft Entra ID Global Administrator Role assigned to more than 4 users 🟢		🟢 x3