Benchmark: Developer Configuration Management (SA-10)
Description
The organization requires the developer of the information system, system component, or information system service to: a. Perform configuration management during system, component, or service [Selection (one or more): design; development; implementation; operation]; b. Document, manage, and control the integrity of changes to [Assignment: organization-defined configuration items under configuration management]; c. Implement only organization-approved changes to the system, component, or service; d. Document approved changes to the system, component, or service and the potential security impacts of such changes; and e. Track security flaws and flaw resolution within the system, component, or service and report findings to [Assignment: organization-defined personnel].
Usage
Browse dashboards and select Developer Configuration Management (SA-10):
steampipe dashboardOr run the benchmarks in your terminal:
steampipe check aws_compliance.benchmark.nist_800_53_rev_4_sa_10Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_compliance.benchmark.nist_800_53_rev_4_sa_10Controls
- EC2 instances should be managed by AWS Systems Manager
- GuardDuty should be enabled
- GuardDuty findings should be archived
- AWS Security Hub should be enabled for an AWS Account