The content provided is only for informational purposes and is not intended to be directly applied to a production system. Those individuals who leverage this information should place it into a development and test environment prior to production. Within dev and test, the implementation can be verified and validated against a structured test plan with organizational specific requirements.
Identity and Access Management (IdAM)
The Department of Defense (DoD) Cloud Security Requirements Guideline (SRG) outlines numerous use cases pertaining to Identity and Access Management (IdAM) and dependent on the categorization of the data (e.g., IL2, IL4, IL5, and IL6). The following use cases are applicable to IL2, IL4, and IL5 and specific to Amazon Web Services. The challenge I encountered was identifying a central repository of methods and means, indicating procedurely how to accomplish what policy dictated in a cost effective and technically feasible manner. The following knowledge repository will attempt to assist the process providing captured engineering steps to meet controls or mitigate risk pertaining to DoD SRG requirements.
Have suggestions for cloud security issues you want to know more about?
Maybe we have an answer. Let us know below.