aws_compliance

AWS Compliance

This control checks whether an AWS CloudFront distribution requires viewers to use HTTPS directly or whether it uses redirection. The control fails if ViewerProtocolPolicy is set to allow-all for defaultCacheBehavior or for cacheBehaviors.

cloudfront_distribution_encryption_in_transit_enabled

hipaa_final_omnibus_security_rule_2013_164_308_a_4_ii_a

164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions

hipaa_security_rule_2003_164_308_a_4_ii_a

hipaa_security_rule_2003_164_312_e_1

164.312(e)(1) Transmission security

hipaa_final_omnibus_security_rule_2013_164_312_e_1

pci_dss_v321_requirement_2_3

2.3 Encrypt all non-console administrative access using strong cryptography

pci_dss_v321_requirement_4_1

4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks

pci_dss_v321_requirement_4_1_a

4.1.a Identify all locations where cardholder data is transmitted or received over open, public networks

pci_dss_v321_requirement_4_1_g

4.1.g For TLS implementations, examine system configurations to verify that TLS is enabled whenever cardholder data is transmitted or received

pci_dss_v321_requirement_8_2_1

8.2.1 Using strong cryptography, render all authentication credentials (such as passwords/phrases) unreadable during transmission and storage on all system components

pci_dss_v321_requirement_8_2_1_a

8.2.1.a Examine vendor documentation and system configuration settings to verify that passwords are protected with strong cryptography during transmission and storage

article_32

Article 32 Security of processing

soc_2_cc_6_7

CC6.7 The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives

all_controls_cloudfront

CloudFront

nist_csf_pr_ds_2

PR.DS-2

CloudFront distributions should require encryption in transit

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: CloudFront distributions should require encryption in transit

Description

Usage

SQL

Tags