v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Benchmark: 3.1.6 Use non-privileged accounts or roles when accessing nonsecurity functions

Description

This requirement limits exposure when operating from within privileged accounts or roles. The inclusion of roles addresses situations where organizations implement access control policies such as role-based access control and where a change of role provides the same degree of assurance in the change of access authorizations for the user and all processes acting on behalf of the user as would be provided by a change between a privileged and non-privileged account.

Usage

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance

Start the Powerpipe server:

steampipe service start
powerpipe server

Open http://localhost:9033 in your browser and select 3.1.6 Use non-privileged accounts or roles when accessing nonsecurity functions.

Run this benchmark in your terminal:

powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_1_6

Snapshot and share results via Turbot Pipes:

powerpipe benchmark run aws_compliance.benchmark.nist_800_171_rev_2_3_1_6 --share

Controls

Tags

category = Compliance
nist_800_171_rev_2 = true
plugin = aws
service = AWS
type = Benchmark