apigateway_stage_use_waf_web_acl

API Gateway stage should be associated with waf

elb_application_lb_waf_enabled

ELB application load balancers should have Web Application Firewall (WAF) enabled

vpc_default_security_group_restricts_all_traffic

VPC default security group should not allow inbound and outbound traffic

vpc_security_group_restrict_ingress_common_ports_all

VPC security groups should restrict ingress access on ports 20, 21, 22, 3306, 3389, 4333 from 0.0.0.0/0

vpc_security_group_restrict_ingress_ssh_all

VPC security groups should restrict ingress SSH access from 0.0.0.0/0

vpc_security_group_restrict_ingress_tcp_udp_all

VPC security groups should restrict ingress TCP and UDP access from 0.0.0.0/0

Systems that are accessed from the Internet or by external parties are protected by firewalls or other similar devices.

ffiec_d_3_pc_im_b_2

ffiec_d_3_pc

Preventative Controls (PC)

D3.PC.IM.B.2

aws_compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

turbot/aws_compliance

Benchmark: D3.PC.IM.B.2

Description

Usage

Controls

Tags

Steampipe

Resources

Community