💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)

Contextual name: 💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)
ID: /frameworks/fedramp-moderate-security-controls/ac/06/02
Located in: 💼 AC-6 Least Privilege (M)(H)

Description

Require that users of system accounts (or roles) with access to [FedRAMP Assignment: all security functions] use non-privileged accounts or roles, when accessing nonsecurity functions. AC-6 (2) Additional FedRAMP Requirements and Guidance: Guidance: Examples of security functions include but are not limited to: establishing system accounts, configuring access authorizations (i.e., permissions, privileges), setting events to be audited, and setting intrusion detection parameters, system programming, system and security administration, other privileged functions.

Similar

Sections
- /frameworks/fedramp-high-security-controls/ac/06/02
Internal
- ID: dec-c-9da6a6b7

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)		1	4

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (4)

Policy	Logic Count	Flags
📝 AWS Account Root User credentials were used is the last 30 days 🔴🟢	1	🔴 x1, 🟢 x6
📝 AWS Account Root User has active access keys 🟢	1	🟢 x6
📝 AWS IAM Policy allows full administrative privileges 🟢	1	🟢 x6
📝 AWS IAM User with console and programmatic access set during the initial creation 🟢		🟢 x3

Description​

Similar​

Similar Sections (Take Policies From)​

Sub Sections​

Policies (4)​

Description

Similar

Similar Sections (Take Policies From)

Sub Sections

Policies (4)