iam_group_user_role_no_inline_policies

IAM groups, users, and roles should not have any inline policies

iam_policy_no_star_star

IAM policy should not have statements with admin access

iam_user_in_group

IAM users should be in at least one group

iam_user_no_inline_attached_policies

IAM user should not have any inline or attached policies

Authorize network access to [Assignment: organization-defined privileged commands] only for [Assignment: organization-defined compelling operational needs] and document the rationale for such access in the security plan for the system.

nist_800_53_rev_5_ac_6_3

nist_800_53_rev_5_ac_6

Least Privilege (AC-6)

AC-6(3)

aws_compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Benchmark: AC-6(3)

Description

Usage

Controls

Tags

Steampipe

Resources

Community