Benchmark: Disallow Public Access
Description
This benchmark checks if RDS instances, snapshots and S3 buckets are not publicly accessible.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Disallow Public Access.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.audit_manager_control_tower_disallow_public_accessSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.audit_manager_control_tower_disallow_public_access --shareBenchmarks
- 4.0.1 - Disallow public access to RDS database instances
- 4.0.2 - Disallow public access to RDS database snapshots
- 4.1.1 - Disallow public read access to S3 buckets
- 4.1.2 - Disallow public write access to S3 buckets