Indicators for secure access and delegation

Establish scalable, fine-grained access controls that balance security with team autonomy. Granting explicit, temporary access based on the principle of least privilege, providing procedures for emergencies, and regularly auditing access controls to align with evolving requirements and threats.

Indicators

[AG.SAD.1] Centralize and federate access with temporary credential vending
[AG.SAD.2] Delegate identity and access management responsibilities
[AG.SAD.3] Treat pipelines as production resources
[AG.SAD.4] Limit human access with just-in-time access
[AG.SAD.5] Implement break-glass procedures
[AG.SAD.6] Conduct periodic identity and access management reviews
[AG.SAD.7] Implement rotation policies for secrets, keys, and certificates
[AG.SAD.8] Adopt a zero trust security model, shifting towards an identity-centric security perimeter

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Secure access and delegation

[AG.SAD.1] Centralize and federate access with temporary credential vending