Benchmark: Your Systems-1
Description
Learn what is on your network. Maintain inventories of hardware and software assets to know what is in play and at-risk from attack.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select Your Systems-1.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.cisa_cyber_essentials_your_systems_1
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.cisa_cyber_essentials_your_systems_1 --share
Controls
- EBS volumes should be attached to EC2 instances
- EC2 instances should be managed by AWS Systems Manager
- EC2 stopped instances should be removed in 30 days
- SSM managed instance associations should be compliant
- SSM managed instance patching should be compliant
- VPC EIPs should be associated with an EC2 instance or ENI
- VPC network access control lists (network ACLs) should be associated with a subnet.