Skip to main content

πŸ’Ό AC-6(10) Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions

  • Contextual name: πŸ’Ό AC-6(10) Least Privilege | Prohibit Non-privileged Users from Executing Privileged Functions
  • ID: /frameworks/nist-sp-800-53-r5/ac/06/10
  • Located in: πŸ’Ό AC-6 Least Privilege

Description​

Prevent non-privileged users from executing privileged functions.

Similar​

  • Sections
    • /frameworks/aws-fsbp-v1.0.0/efs/03
    • /frameworks/aws-fsbp-v1.0.0/iam/01
    • /frameworks/aws-fsbp-v1.0.0/iam/04
    • /frameworks/aws-fsbp-v1.0.0/iam/21
    • /frameworks/aws-fsbp-v1.0.0/sagemaker/03
  • Internal
    • ID: dec-c-3c21e78a

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [EFS.3] EFS access points should enforce a root directory
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [IAM.1] IAM policies should not allow full "*" administrative privileges11
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [IAM.4] IAM root user access key should not exist11
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [IAM.21] IAM customer managed policies that you create should not allow wildcard actions for services
πŸ’Ό AWS Foundational Security Best Practices v1.0.0 β†’ πŸ’Ό [SageMaker.3] Users should not have root access to SageMaker AI notebook instances

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό FedRAMP High Security Controls β†’ πŸ’Ό AC-6(10) Prohibit Non-privileged Users from Executing Privileged Functions (M)(H)13

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags

Policies (2)​

PolicyLogic CountFlags
πŸ“ AWS Account Root User has active access keys 🟒1🟒 x6
πŸ“ AWS IAM Policy allows full administrative privileges 🟒1🟒 x6