Benchmark: Information Handling and Retention (SI-12)
Description
The organization handles and retains information within the information system and information output from the system in accordance with applicable federal laws, Executive Orders, directives, policies, regulations, standards, and operational requirements.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Information Handling and Retention (SI-12).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_4_si_12Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_4_si_12 --shareControls
- Log group retention period should be at least 365 days
- DynamoDB tables should be in a backup plan
- DynamoDB table point-in-time recovery should be enabled
- EBS volumes should be in a backup plan
- EFS file systems should be in a backup plan
- ElastiCache Redis cluster automatic backup should be enabled with retention period of 15 days or greater
- RDS DB instance backup should be enabled
- RDS DB instances should be in a backup plan
- S3 bucket versioning should be enabled