aws_compliance

AWS Compliance

This control checks if AWS CloudFront distributions are using deprecated SSL protocols for HTTPS communication between CloudFront edge locations and your custom origins. This control fails if a CloudFront distribution has a CustomOriginConfig where OriginSslProtocols includes SSLv3.

cloudfront_distribution_no_deprecated_ssl_protocol

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

pci_dss_v321_requirement_2_3

2.3 Encrypt all non-console administrative access using strong cryptography

pci_dss_v321_requirement_4_1_a

4.1.a Identify all locations where cardholder data is transmitted or received over open, public networks

pci_dss_v321_requirement_4_1_e

4.1.e Examine system configurations to verify that the protocol is implemented to use only secure configurations and does not support insecure versions or configurations

pci_dss_v321_requirement_4_1_f

4.1.f Examine system configurations to verify that the proper encryption strength is implemented for the encryption methodology in use

pci_dss_v321_requirement_4_1_g

4.1.g For TLS implementations, examine system configurations to verify that TLS is enabled whenever cardholder data is transmitted or received

gxp_eu_annex_11_operational_phase_7_1

7.1 Data Storage - Damage Protection

all_controls_cloudfront

CloudFront

nist_csf_pr_ds_2

PR.DS-2

CloudFront distributions should not use deprecated SSL protocols between edge locations and custom origins

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: CloudFront distributions should not use deprecated SSL protocols between edge locations and custom origins

Description

Usage

SQL

Tags