Skip to content

Commit

Permalink
docs: fedramp table fix (#47001)
Browse files Browse the repository at this point in the history
  • Loading branch information
stevenGravy authored Sep 30, 2024
1 parent f5b78b7 commit 361543d
Showing 1 changed file with 2 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -19,8 +19,8 @@ government agencies.
| - | - |
| [AC-02 Account Management]((=fedramp.control_url=)AC-02) | Audit events are emitted in the Auth Service when a user is created, updated, deleted, locked, or unlocked. |
| [AC-03 Access Enforcement]((=fedramp.control_url=)AC-03) | Teleport Enterprise supports robust [Role-based Access Controls (RBAC)](../access-controls.mdx) to: <br/>• Control which infrastructure resources a user can or cannot access. <br/>• Control cluster level configuration (session recording, configuration, etc.) <br/>• Control which Unix logins a user is allowed to use when logging into a server. |
| [AC-07 Unsuccessful Logon Attempts]((=fedramp.control_url=)AC-07) | Teleport Enterprise supports robust [Role-based Access Controls (RBAC)](../access-controls.mdx) to: <br/>• Control which resources a user can or cannot access. <br/>• Control cluster level configuration (session recording, configuration, etc.) <br/>• Control which Unix logins a user is allowed to use when logging into a server. | Teleport supports two types of users: local and SSO-based accounts (GitHub, Google Apps, Okta, etc). For local accounts, by default, Teleport locks accounts for 30 minutes after 5 failed login attempts. For SSO-based accounts, the number of invalid login attempts and lockout time period is controlled by the SSO provider. |
| [AC-08 System Use Notification]((=fedramp.control_url=)AC-08) | Teleport Enterprise supports robust [Role-based Access Controls (RBAC)](../access-controls.mdx) to: <br/>• Control which resources a user can or cannot access. <br/>• Control cluster level configuration (session recording, configuration, etc.) <br/>• Control which Unix logins a user is allowed to use when logging into a server. | Teleport integrates with Linux Pluggable Authentication Modules (PAM). PAM modules can be used to display a custom message on login using a message of the day (MOTD) module within the Session management primitive. |
| [AC-07 Unsuccessful Logon Attempts]((=fedramp.control_url=)AC-07) | Teleport supports two types of users: local and SSO-based accounts (GitHub, Google Apps, Okta, etc). For local accounts, by default, Teleport locks accounts for 30 minutes after 5 failed login attempts. For SSO-based accounts, the number of invalid login attempts and lockout time period is controlled by the SSO provider. |
| [AC-08 System Use Notification]((=fedramp.control_url=)AC-08) | Teleport integrates with Linux Pluggable Authentication Modules (PAM). PAM modules can be used to display a custom message on login using a message of the day (MOTD) module within the Session management primitive. |
| [AC-10 Concurrent Session Control]((=fedramp.control_url=)AC-10) | Teleport administrators can define concurrent session limits using Teleport’s RBAC. |
| [AC-12 Session Termination]((=fedramp.control_url=)AC-12) | Admins can terminate active sessions with [session locking](../../access-controls/guides/locking.mdx). Teleport terminates sessions on expiry or inactivity. |
| [AC-17 Remote Access]((=fedramp.control_url=)AC-17) | Teleport administrators create users with configurable roles that can be used to allow or deny access to system resources. |
Expand Down

0 comments on commit 361543d

Please sign in to comment.