v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/aws_compliance
Overview
32Dashboards
1295Controls
585Queries
4Variables
GitHub

Control: EMR public access should be blocked at account level

Description

The block public access feature prevents a cluster in a public subnet from launching when any security group associated with the cluster has a rule that allows inbound traffic from IPv4 0.0.0.0/0 or IPv6 ::/0 (public access) on a port, unless the port has been specified as an exception - port 22 is an exception by default. This feature is enabled by default for each AWS Region in your AWS account and is not recommended to be turned off.

Usage

Run the control in your terminal:

powerpipe control run aws_compliance.control.emr_account_public_access_blocked

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run aws_compliance.control.emr_account_public_access_blocked --share

SQL

This control uses a named query:

emr_account_public_access_blocked

Tags

acsc_essential_eight = true
category = Compliance
plugin = aws
service = AWS/EMR