Loading controls...
Benchmark: Information System Component Inventory (CM-8)
Description
The organization develops and documents an inventory of information system components that accurately reflects the current information system, includes all components within the authorization boundary of the information system, is at the level of granularity deemed necessary for tracking and reporting and reviews and updates the information system component inventory.
Usage
steampipe check aws_compliance.benchmark.fedramp_low_rev_4_cm_8
Controls
- EC2 instances should be managed by AWS Systems Manager
- GuardDuty should be enabled
- SSM managed instance associations should be compliant
- SSM managed instance patching should be compliant