AWS Secure Configuration Guidance for FedRAMP
What is This?
This guidance explains how to securely configure AWS services to meet FedRAMP Rev5 Recommended Secure Configuration (RSC) requirements. It provides step-by-step instructions, security implications, and machine-readable configurations.
Available Guidance
| Requirement | Title | Actions |
|---|---|---|
| FRR-RSC-01 | Top-Level Administrative Accounts Guidance | View OSCAL Catalog OSCAL Component |
| FRR-RSC-02 | Top-Level Administrative Accounts Security Settings Guidance | View OSCAL Catalog OSCAL Component |
| FRR-RSC-03 | Privileged Accounts | View OSCAL Catalog OSCAL Component |
| FRR-RSC-04 | Secure Defaults on Provisioning | View OSCAL Catalog OSCAL Component |
| FRR-RSC-05 | Comparison Capability | View OSCAL Catalog OSCAL Component |
| FRR-RSC-06 | Export Capability | View OSCAL Catalog OSCAL Component |
| FRR-RSC-07 | API Capability | View OSCAL Catalog OSCAL Component |
| FRR-RSC-08 | Machine-Readable Guidance | View OSCAL Catalog OSCAL Component |
| FRR-RSC-09 | Publish Guidance | View OSCAL Catalog OSCAL Component |
| FRR-RSC-10 | Versioning and Release History | View OSCAL Catalog OSCAL Component |
📥 Download All Guidance
Download complete guidance in machine-readable formats:
Complete JSON Markdown HTML OSCAL Component OSCAL CatalogDeployable Templates
| Template | Description | Download |
|---|---|---|
| Complete CloudFormation | Implements all RSC requirements | Download |
| Config Conformance Pack | 20+ compliance rules for continuous monitoring | Download |
| OSCAL Component Definition | NIST OSCAL format component definition | Download |
| OSCAL Catalog | NIST OSCAL format control catalog | Download |
Region-Specific Guidance
Select your AWS region to view region-specific configuration guidance: