Mods

turbot/alicloud_compliance

GitHub
Overview
1Dashboards
78Controls
40Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Remediation
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: 3.4 Ensure routing tables for VPC peering are 'least access'

Description

Once a VPC peering connection is established, routing tables must be updated to establish any connections between the peered VPCs. These routes can be as specific as desired, even peering a VPC to only a single host on the other side of the connection.

Remediation

From Console

  1. Logon to VPC console.
  2. Open the routing table.
  3. Remove and add route table entries to ensure that the least number of subnets or hosts as is required to accomplish the purpose for peering are routable.

Usage

Run the control in your terminal:

steampipe check alicloud_compliance.control.cis_v100_3_4

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share alicloud_compliance.control.cis_v100_3_4

SQL

This control uses a named query:

manual_control

Tags

category = Compliance
cis = true
cis_item_id = 3.4
cis_level = 2
cis_section_id = 3
cis_type = manual
cis_version = v1.0.0
plugin = alicloud
service = AliCloud/VPC