aws_compliance

AWS Compliance

Ensure CloudFormation stacks outputs do not contain secrets like user names, passwords, and tokens. It is recommended to remove secrets since outputs cannot be encrypted resulting in any entity with basic read-metadata-only and access to CloudFormation outputs having access to these secrets.

cloudformation_stack_output_no_secrets

all_controls_cloudformation

CloudFormation

CloudFormation stacks outputs should not have any secrets

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Control: CloudFormation stacks outputs should not have any secrets

Description

Usage

SQL

Tags