Loading controls...
Benchmark: Separation Of Duties (AC-5)
Description
Separate duties of individuals to prevent malevolent activity. automate separation of duties and access authorizations.
Usage
Browse dashboards and select Separation Of Duties (AC-5):
steampipe dashboard
Or run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.nist_800_53_rev_4_ac_5
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.nist_800_53_rev_4_ac_5
Controls
- EMR cluster Kerberos should be enabled
- IAM groups should have at least one user
- IAM policy should not have statements with admin access
- IAM user should not have any inline or attached policies