Benchmark: Network General Access
This benchmark answers the following questions:
- What resources are not provisioned within a VPC?
- What ELB application load balancers do not have WAF enabled?
- What VPCs are peered with untrusted accounts?
Browse dashboards and select Network General Access:
Or run the benchmarks in your terminal:
steampipe check aws_perimeter.benchmark.network_general_access
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share aws_perimeter.benchmark.network_general_access
- EC2 instances should be in a VPC
- ELB application load balancers should have Web Application Firewall (WAF) enabled
- Elasticsearch Service domains should be in a VPC
- Lambda functions should be in a VPC
- Amazon OpenSearch domains should be in a VPC private subnet
- RDS DB instances should be deployed in a VPC
- SageMaker models should be in a VPC
- SageMaker notebook instances should be in a VPC
- SageMaker training jobs should be in a VPC
- VPCs should only be peered with trusted accounts