Least Privilege | Authorize Access to Security Functions
Identity and Access Management
The organization explicitly authorizes access to administrative and security functions of its virtual infrastructure and residing platforms to designated individuals within the organization's SecOps and DevOps team. No other authorizations to security and administrative information is granted to individuals outside these teams.
Access Control Policies for 18F
Because cloud.gov is a PaaS all accessible functions are privileged functions. Nevertheless, 18F team members use different accounts with increasing security requirements for accessing Cloud Foundry as a user, Cloud Foundry as a administrator, and AWS as an administrator. Covered By: