💼 AC-2(3) Account Management | Disable Accounts

Contextual name: 💼 AC-2(3) Account Management | Disable Accounts
ID: /frameworks/nist-sp-800-53-r5/ac/02/03
Located in: 💼 AC-2 Account Management

Description

Disable accounts within [Assignment: organization-defined time period] when the accounts: (a) Have expired; (b) Are no longer associated with a user or individual; (c) Are in violation of organizational policy; or (d) Have been inactive for [Assignment: organization-defined time period].

Similar

Sections
- /frameworks/aws-fsbp-v1.0.0/iam/03
- /frameworks/aws-fsbp-v1.0.0/iam/07
- /frameworks/aws-fsbp-v1.0.0/iam/08
Internal
- ID: dec-c-96950234

Similar Sections (Take Policies From)

Section	Internal Rules	Policies
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.3] IAM users' access keys should be rotated every 90 days or less	1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.7] Password policies for IAM users should have strong configurations	1	2
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.8] Unused IAM user credentials should be removed		1

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AC-2(3) Disable Accounts (M)(H)			4

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (4)

Policy	Logic Count	Flags
📝 AWS Account IAM Password Policy minimum password length is 14 characters or less 🟢	1	🟢 x6
📝 AWS Account IAM Password Policy Number of passwords to remember is not set to 24 🟢	1	🟢 x6
📝 AWS IAM User Access Keys are not rotated every 90 days or less 🟢	1	🟢 x6
📝 AWS IAM User with credentials unused for 45 days or more is not disabled 🟢	1	🟢 x6

Internal Rules

Rule	Policies	Flags
✉️ dec-x-bcb0c78f	1

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (4)​

Internal Rules​