Back

Configure Identity and Access Management policies to organizational standards.


CONTROL ID
15422
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure Key, Certificate, Password, Authentication and Identity Management settings in accordance with organizational standards., CC ID: 07621

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Ensure IAM policies that allow full "*:*" administrative privileges are not attached (Automated) Description: IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege -that is, granti… (1.16, CIS Amazon Web Services Foundations Benchmark Level 1, v3.0.0)
  • Ensure IAM policies that allow full "*:*" administrative privileges are not attached (Automated) Description: IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege -that is, granti… (1.16, CIS Amazon Web Services Foundations Benchmark, Combined Levels, v3.0.0)
  • Ensure IAM policies that allow full "*:*" administrative privileges are not attached Description: IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege -that is, granting only the pe… (1.16, CIS Amazon Web Services Foundations Benchmark, v1.4.0, Level 1)
  • Ensure IAM policies that allow full "*:*" administrative privileges are not attached Description: IAM policies are the means by which privileges are granted to users, groups, or roles. It is recommended and considered a standard security advice to grant least privilege -that is, granting only the pe… (1.16, CIS Amazon Web Services Foundations Benchmark, v1.4.0, Level 2)