Skip to main content

💼 AC-6(10) Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions

Contextual name: 💼 AC-6(10) Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions
ID: /frameworks/nist-sp-800-53-r5/ac/06/10
Located in: 💼 AC-6 Least Privilege

Description

Prevent non-privileged users from executing privileged functions.

Similar

Sections
- /frameworks/aws-fsbp-v1.0.0/efs/03
- /frameworks/aws-fsbp-v1.0.0/iam/01
- /frameworks/aws-fsbp-v1.0.0/iam/04
- /frameworks/aws-fsbp-v1.0.0/iam/21
- /frameworks/aws-fsbp-v1.0.0/sagemaker/03
Internal
- ID: dec-c-3c21e78a

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EFS.3] EFS access points should enforce a root directory
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.1] IAM policies should not allow full "*" administrative privileges		1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.4] IAM root user access key should not exist		1	1
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [IAM.21] IAM customer managed policies that you create should not allow wildcard actions for services
💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.3] Users should not have root access to SageMaker AI notebook instances

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 FedRAMP High Security Controls → 💼 AC-6(10) Prohibit Non-privileged Users from Executing Privileged Functions (M)(H)		1	3

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Policies (2)

Policy	Logic Count	Flags
📝 AWS Account Root User has active access keys 🟢	1	🟢 x6
📝 AWS IAM Policy allows full administrative privileges 🟢	1	🟢 x6

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections
Policies (2)