πΌ AC-6(5) Privileged Accounts (M)(H)
- Contextual name: πΌ AC-6(5) Privileged Accounts (M)(H)
- ID:
/frameworks/fedramp-moderate-security-controls/ac/06/05 - Located in: πΌ AC-6 Least Privilege (M)(H)
Descriptionβ
Restrict privileged accounts on the system to [Assignment: organization-defined personnel or roles].
Similarβ
- Sections
/frameworks/fedramp-high-security-controls/ac/06/05
- Internal
- ID:
dec-c-e84263ed
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ AC-6(5) Privileged Accounts (M)(H) | 3 | 5 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (5)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account IAM Access Analyzer is not enabled for all regions π’ | 1 | π’ x6 |
| π AWS Account Root User credentials were used is the last 30 days π΄π’ | 1 | π΄ x1, π’ x6 |
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS IAM Policy allows full administrative privileges π’ | 1 | π’ x6 |
| π AWS IAM User with console and programmatic access set during the initial creation π’ | π’ x3 |