πΌ AC-2(3) Account Management | Disable Accounts
- Contextual name: πΌ AC-2(3) Account Management | Disable Accounts
- ID:
/frameworks/nist-sp-800-53-r5/ac/02/03 - Located in: πΌ AC-2 Account Management
Descriptionβ
Disable accounts within [Assignment: organization-defined time period] when the accounts: (a) Have expired; (b) Are no longer associated with a user or individual; (c) Are in violation of organizational policy; or (d) Have been inactive for [Assignment: organization-defined time period].
Similarβ
- Sections
/frameworks/aws-fsbp-v1.0.0/iam/03/frameworks/aws-fsbp-v1.0.0/iam/07/frameworks/aws-fsbp-v1.0.0/iam/08
- Internal
- ID:
dec-c-96950234
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [IAM.3] IAM users' access keys should be rotated every 90 days or less | 1 | 1 | ||
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [IAM.7] Password policies for IAM users should have strong configurations | 1 | 2 | ||
| πΌ AWS Foundational Security Best Practices v1.0.0 β πΌ [IAM.8] Unused IAM user credentials should be removed | 1 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ FedRAMP High Security Controls β πΌ AC-2(3) Disable Accounts (M)(H) | 4 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|
Policies (4)β
| Policy | Logic Count | Flags |
|---|---|---|
| π AWS Account IAM Password Policy minimum password length is 14 characters or less π’ | 1 | π’ x6 |
| π AWS Account IAM Password Policy Number of passwords to remember is not set to 24 π’ | 1 | π’ x6 |
| π AWS IAM User Access Keys are not rotated every 90 days or less π’ | 1 | π’ x6 |
| π AWS IAM User with credentials unused for 45 days or more is not disabled π’ | 1 | π’ x6 |
Internal Rulesβ
| Rule | Policies | Flags |
|---|---|---|
| βοΈ dec-x-bcb0c78f | 1 |