Mods

turbot/terraform_aws_compliance

GitHub
Overview
39Dashboards
153Controls
153Queries
0Variables
GitHub
Loading controls...
On This Page
Description
Usage
SQL
Tags
Get Involved
Edit on GitHub
Discuss on Slack

Control: CloudFront distributions should require encryption in transit

Description

This control checks whether an Amazon CloudFront distribution requires viewers to use HTTPS directly or whether it uses redirection. The control fails if ViewerProtocolPolicy is set to allow-all for defaultCacheBehavior or for cacheBehaviors.

Usage

Run the control in your terminal:

steampipe check terraform_aws_compliance.control.cloudfront_distribution_encryption_in_transit_enabled

Snapshot and share results via Steampipe Cloud:

steampipe login
steampipe check --share terraform_aws_compliance.control.cloudfront_distribution_encryption_in_transit_enabled

SQL

This control uses a named query:

cloudfront_distribution_encryption_in_transit_enabled

Tags

category = Compliance
gdpr = true
hipaa = true
plugin = terraform
service = AWS/CloudFront