Skip to main content

💼 AC-6(2) Least Privilege | Non-privileged Access for Nonsecurity Functions

Contextual name: 💼 AC-6(2) Least Privilege | Non-privileged Access for Nonsecurity Functions
ID: /frameworks/nist-sp-800-53-r5/ac/06/02
Located in: 💼 AC-6 Least Privilege

Description

Require that users of system accounts (or roles) with access to [Assignment: organization-defined security functions or security-relevant information] use non-privileged accounts or roles, when accessing nonsecurity functions.

Similar

Sections
- /frameworks/aws-fsbp-v1.0.0/efs/04
- /frameworks/aws-fsbp-v1.0.0/iam/01
- /frameworks/aws-fsbp-v1.0.0/iam/04
- /frameworks/aws-fsbp-v1.0.0/iam/21
- /frameworks/aws-fsbp-v1.0.0/sagemaker/03
Internal
- ID: dec-c-738dc0bf

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.4] EFS access points should enforce a user identity
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.1] IAM policies should not allow full "*" administrative privileges		1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.4] IAM root user access key should not exist		1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.21] IAM customer managed policies that you create should not allow wildcard actions for services
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.3] Users should not have root access to SageMaker AI notebook instances

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AC-6(2) Non-privileged Access for Nonsecurity Functions (M)(H)		1	4

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (4)

Policy	Logic Count	Flags
📝 AWS Account Root User credentials were used is the last 30 days 🔴🟢	1	🔴 x1, 🟢 x6
📝 AWS Account Root User has active access keys 🟢	1	🟢 x6
📝 AWS IAM Policy allows full administrative privileges 🟢	1	🟢 x6
📝 AWS IAM User with console and programmatic access set during the initial creation 🟢		🟢 x3

Internal Rules

Rule	Policies	Flags
✉️ dec-x-0a7801fb	1
✉️ dec-x-157aa4b9	1
✉️ dec-x-b10e98af	1
✉️ dec-x-e58fd8e0	1

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (4)
Internal Rules