aws_compliance

AWS Compliance

This control checks whether the IAM Access analyzer is enabled without findings. If you grant permissions to an S3 bucket in one of your organization member accounts to a principal in another organization member account, IAM Access Analyzer does not generate a finding. But if you grant permission to a principal in an account that is not a member of the organization, IAM Access Analyzer generates a finding.

iam_access_analyzer_enabled_without_findings

all_controls_iam

IAM Access analyzer should be enabled without findings

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Control: IAM Access analyzer should be enabled without findings

Description

Usage

SQL

Tags