turbot/aws_perimeter

Control: Config service aggregator should only collect data from trusted accounts

Description

An AWS Config aggregator provides an aggregated view of compliance data for rules and accounts. It is an AWS Config resource type that collects configuration and compliance data from (1) multiple accounts and multiple regions, (2) a single account and multiple regions, or (3) an organization in AWS Organizations and all accounts in that organization that have AWS Config enabled. Because an aggregate authorization allows another account to collect this data, the control examines each authorization in the account and flags any whose authorized account is not in the trusted_accounts list.

Usage

Run the control in your terminal:

steampipe check aws_perimeter.control.config_aggregator_shared_with_trusted_accounts

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share aws_perimeter.control.config_aggregator_shared_with_trusted_accounts

Plugins & Tables

Params

Args  Name              Default                           Description                  Variable
$1    trusted_accounts  ["123456781234","123456781200"]   A list of trusted accounts.

SQL

select
  title as resource,
  case
    when authorized_account_id is null
      or authorized_account_id = any (($1) :: text [ ]) then 'ok'
    else 'info'
  end as status,
  case
    when authorized_account_id is null
      or authorized_account_id = any (($1) :: text [ ]) then title || ' shared with trusted account.'
    else title || ' shared with untrusted account ' || authorized_account_id || '.'
  end as reason,
  region,
  account_id
from
  aws_config_aggregate_authorization;
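The control's logic run over constructed sample authorizations, as an added example that is not part of the aws_perimeter mod: a CTE stands in for the aws_config_aggregate_authorization table and a literal array replaces the $1 trusted_accounts parameter, so the query can be tried in plain PostgreSQL without Steampipe. The titles, account IDs and regions are constructed values.

```sql
-- Added example (not the mod's own code): the control's status/reason logic
-- evaluated against constructed rows in plain PostgreSQL.
with aws_config_aggregate_authorization(title, authorized_account_id, region, account_id) as (
  values
    -- constructed sample authorizations; 999999999999 is the source account
    ('auth-us-east-1-trusted',   '123456781234', 'us-east-1', '999999999999'),
    ('auth-us-east-1-untrusted', '555555555555', 'us-east-1', '999999999999'),
    ('auth-us-west-2-none',      null,           'us-west-2', '999999999999')
),
-- stands in for the trusted_accounts variable bound to $1 in the control
trusted(accounts) as (
  values (array['123456781234', '123456781200']::text[])
)
select
  title as resource,
  case
    when authorized_account_id is null
      or authorized_account_id = any (trusted.accounts) then 'ok'
    else 'info'
  end as status,
  case
    when authorized_account_id is null
      or authorized_account_id = any (trusted.accounts) then title || ' shared with trusted account.'
    else title || ' shared with untrusted account ' || authorized_account_id || '.'
  end as reason,
  region,
  account_id
from
  aws_config_aggregate_authorization,
  trusted;
```

Only the authorization granted to 555555555555 is reported with status info; the row with a null authorized_account_id is treated as ok, as in the control. With Steampipe, the same list is supplied at run time with --var 'trusted_accounts=["123456781234","123456781200"]' on the steampipe check command.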

Tags