Skip to main content

💼 AC-2(1) Automated System Account Management (M)(H)

  • Contextual name: 💼 AC-2(1) Automated System Account Management (M)(H)
  • ID: /frameworks/fedramp-moderate-security-controls/ac/02/01
  • Located in: 💼 AC-2 Account Management (L)(M)(H)

Description

Support the management of system accounts using [Assignment: organization-defined automated mechanisms].

Similar

  • Sections
    • /frameworks/fedramp-high-security-controls/ac/02/01
  • Internal
    • ID: dec-c-3dc09811

Similar Sections (Take Policies From)

SectionSub SectionsInternal RulesPoliciesFlags
💼 FedRAMP High Security Controls → 💼 AC-2(1) Automated System Account Management (M)(H)16

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlags

Policies (16)

PolicyLogic CountFlags
📝 AWS Account IAM Password Policy minimum password length is 14 characters or less 🟢1🟢 x6
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢1🟢 x6
📝 AWS Account Root User has active access keys 🟢1🟢 x6
📝 AWS Account Root User Hardware MFA is not enabled. 🟢🟢 x3
📝 AWS IAM Policy allows full administrative privileges 🟢1🟢 x6
📝 AWS IAM User Access Keys are not rotated every 90 days or less 🟢1🟢 x6
📝 AWS IAM User has inline or directly attached policies 🟢1🟠 x1, 🟢 x5
📝 AWS IAM User MFA is not enabled for all users with console password 🟢1🟢 x6
📝 AWS IAM User with credentials unused for 45 days or more is not disabled 🟢1🟢 x6
📝 Azure App Service is not registered with Microsoft Entra ID 🟢1🟢 x6
📝 Azure Non-RBAC Key Vault stores Keys without expiration date 🟢1🟢 x6
📝 Azure Non-RBAC Key Vault stores Secrets without expiration date 🟢1🟢 x6
📝 Azure RBAC Key Vault stores Keys without expiration date 🟢1🟢 x6
📝 Azure RBAC Key Vault stores Secrets without expiration date 🟢1🟢 x6
📝 Azure SQL Database Transparent Data Encryption is not enabled 🟢1🟢 x6
📝 Azure SQL Server Microsoft Entra authentication is not configured 🟢1🟢 x6