💼 AC-6(3) Network Access to Privileged Commands (H)
- ID:
/frameworks/fedramp-high-security-controls/ac/06/03
Description
Authorize network access to [FedRAMP Assignment: all privileged commands] only for [Assignment: organization-defined compelling operational needs] and document the rationale for such access in the security plan for the system.
Similar
- Sections
/frameworks/nist-sp-800-53-r5/ac/06/03
- Internal
- ID:
dec-c-303be4bb
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-6(3) Least Privilege _ Network Access to Privileged Commands | 6 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (6)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS IAM Customer Managed Policy allows KMS decryption actions on all KMS keys🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM Group Inline Policy allows KMS decryption actions on all KMS keys🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM Policy allows full administrative privileges🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM Role Inline Policy allows KMS decryption actions on all KMS keys🟢 | 1 | 🟢 x6 | no data |
| 🛡️ AWS IAM User has inline or directly attached policies🟢 | 1 | 🟠 x1, 🟢 x5 | no data |
| 🛡️ AWS IAM User Inline Policy allows KMS decryption actions on all KMS keys🟢 | 1 | 🟢 x6 | no data |
Internal Rules
| Rule | Policies | Flags |
|---|---|---|
| ✉️ dec-x-157aa4b9 | 1 |