Control: 3.4 Ensure routing tables for VPC peering are 'least access'
Description
Once a VPC peering connection is established, routing tables must be updated to establish any connections between the peered VPCs. These routes can be as specific as desired, even peering a VPC to only a single host on the other side of the connection.
Remediation
From Console
- Log on to the VPC console.
- Open the routing table. Remove and add route table entries so that only the minimum number of subnets or hosts required to accomplish the purpose of the peering are routable.
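
One way to review exported route entries against this control is sketched below. This is an added example, not part of the benchmark or the Steampipe mod. The route records, their field names (`destination`, `next_hop`), and the CIDR values are constructed for illustration and are not an Alibaba Cloud API schema.

```python
import ipaddress

# Constructed sample data (hypothetical field names and addresses).
PEER_VPC_CIDR = "10.20.0.0/16"
# Destinations the peering is documented as needing: one host and one subnet.
REQUIRED_DESTINATIONS = ["10.20.5.10/32", "10.20.8.0/24"]
ROUTES = [
    {"destination": "10.20.5.10/32", "next_hop": "peering"},
    {"destination": "10.20.0.0/16", "next_hop": "peering"},
    {"destination": "10.20.8.0/23", "next_hop": "peering"},
    {"destination": "0.0.0.0/0", "next_hop": "nat-gateway"},
]


def audit_peering_routes(routes, peer_cidr, required):
    """Return (destination, finding) pairs for peering routes that are
    broader than the documented requirement."""
    peer = ipaddress.ip_network(peer_cidr)
    needed = [ipaddress.ip_network(r) for r in required]
    findings = []
    for route in routes:
        if route["next_hop"] != "peering":
            continue  # only routes that send traffic over the peering matter
        dest = ipaddress.ip_network(route["destination"])
        if any(dest.subnet_of(n) for n in needed):
            continue  # equal to or narrower than a documented requirement
        if peer.subnet_of(dest):
            findings.append((str(dest), "routes the entire peer VPC"))
        elif any(n.subnet_of(dest) for n in needed):
            findings.append((str(dest), "broader than the required destination"))
        else:
            findings.append((str(dest), "no documented requirement"))
    return findings


if __name__ == "__main__":
    for dest, finding in audit_peering_routes(
        ROUTES, PEER_VPC_CIDR, REQUIRED_DESTINATIONS
    ):
        print(f"{dest}: {finding}")
```

Each finding is a candidate for replacement with a narrower route to the specific subnet or host the peering exists to reach.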
Usage
steampipe check alicloud_compliance.control.cis_v100_3_4
SQL
This control uses a named query:
manual_control