💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)

ID: /frameworks/fedramp-moderate-security-controls/ac/06/02

Description

Require that users of system accounts (or roles) with access to [FedRAMP Assignment: all security functions] use non-privileged accounts or roles, when accessing nonsecurity functions. AC-6 (2) Additional FedRAMP Requirements and Guidance: Guidance: Examples of security functions include but are not limited to: establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters, system programming, system and security administration, other privileged functions.

Similar

Sections
- /frameworks/fedramp-high-security-controls/ac/06/02
Internal
- ID: dec-c-9da6a6b7

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 FedRAMP High Security Controls → 💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)		1	5		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (5)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account Root User credentials were used is the last 30 days🟢	1	🟢 x6	no data
🛡️ AWS Account Root User has active access keys🟢	1	🟢 x6	no data
🛡️ AWS IAM Policy allows full administrative privileges🟢	1	🟢 x6	no data
🛡️ AWS IAM User has inline or directly attached policies🟢	1	🟠 x1, 🟢 x5	no data
🛡️ AWS IAM User with console and programmatic access set during the initial creation🟢⚪		🟢 x2, ⚪ x1	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Sub Sections​

Policies (5)​

Description

Similar

Similar Sections (Take Policies From)

Sub Sections

Policies (5)