[Feedback]: component[@type=interconnection]prop[@name="authorized-users"]

[Telos-sa]

This is a ...

question - need to understand something

This relates to ...

• the FedRAMP OSCAL Registry
• the FedRAMP OSCAL baselines
• the Guide to OSCAL-based FedRAMP Content
• the Guide to OSCAL-based FedRAMP System Security Plans (SSP)
• the Guide to OSCAL-based FedRAMP Security Assessment Plans (SAP)
• the Guide to OSCAL-based FedRAMP Security Assessment Results (SAR)
• the Guide to OSCAL-based FedRAMP Plan of Action and Milestones (POA&M)
• the FedRAMP SSP OSCAL Template (JSON or XML Format)
• the FedRAMP SAP OSCAL Template (JSON or XML Format)
• the FedRAMP SAR OSCAL Template (JSON or XML Format)
• the FedRAMP POA&M OSCAL Template (JSON or XML Format)
• the FedRAMP OSCAL Validations

What is your feedback?

The SSP Template refers this element to "Authorized Users/Authentication: List the user roles (e.g., SecOps engineers) authorized to access the service, and provide the authentication method."

As shown here.

Please confirm, if this is supposed to reference system-implementation/users/title (which is not required), system-implementation/users/uuid, or system-implementation/users/role-ids/role-id when creating the association.

Specifically, we are looking at the different user types that have access to the interconnection, not the role? Or whichever roles are associated with this user, which can use the interconnect?

Where, exactly?

component[@type=interconnection]prop[@name="authorized-users"]

Other information

No response

[Telos-sa]

specifically, since this is not using the responsible-roles element, need to understand how this information should be correlated back to the user.