Benchmark: Requirement 8: Identify Users and Authenticate Access to System Components
Description
Identification of an individual or process on a computer system is conducted by associating an identity with a person or process through an identifier, such as a user, system, or application ID. These IDs (also referred to as “accounts”) fundamentally establish the identity of an individual or process by assigning unique identification to each person or process to distinguish one user or process from another. When each user or process can be uniquely identified, it ensures there is accountability for actions performed by that identity. When such accountability is in place, actions taken can be traced to known and authorized users and processes.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Requirement 8: Identify Users and Authenticate Access to System Components.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_8Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_8 --shareBenchmarks
- 8.2: User identification and related accounts for users and administrators are strictly managed throughout an account's lifecycle
- 8.3: Strong authentication for users and administrators is established and managed
- 8.4: Multi-factor authentication (MFA) is implemented to secure access into the CDE
- 8.6: Use of application and system accounts and associated authentication factors is strictly managed