Benchmark: CM-7(b)
Description
Prohibit or restrict the use of the following functions, ports, protocols, software, and/or services: [Assignment: organization-defined prohibited or restricted functions, system ports, protocols, software, and/or services].
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select CM-7(b).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_5_cm_7_bSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.nist_800_53_rev_5_cm_7_b --shareControls
- VPC route table should restrict public access to IGW
- VPC security groups should restrict ingress access on ports 20, 21, 22, 3306, 3389, 4333 from 0.0.0.0/0