aws_compliance

AWS Compliance

This control checks whether connections to OpenSearch domains are using HTTPS. The rule is non-compliant if the OpenSearch domain 'EnforceHTTPS' is not 'true' or is 'true' and 'TLSSecurityPolicy' is not in 'tlsPolicies'.

opensearch_domain_https_required

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

hipaa_security_rule_2003_164_312_c_1

164.312(c)(1) Integrity

hipaa_final_omnibus_security_rule_2013_164_312_c_1

hipaa_security_rule_2003_164_314_b_1

164.314(b)(1) Requirements for group health plans

hipaa_final_omnibus_security_rule_2013_164_314_b_1

hipaa_security_rule_2003_164_314_b_2

164.314(b)(2) Implementation specifications

hipaa_final_omnibus_security_rule_2013_164_314_b_2

hipaa_final_omnibus_security_rule_2013_164_314_b_2_i

164.314(b)(2)(i)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_ii

164.314(b)(2)(ii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iii

164.314(b)(2)(iii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iv

164.314(b)(2)(iv)

nist_800_172_3_1_3_e

3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems

rbi_itf_nbfc_3_1_i

3.1.i Public Key Infrastructure (PKI)

pci_dss_v321_requirement_4_1_a

4.1.a Identify all locations where cardholder data is transmitted or received over open, public networks

gxp_eu_annex_11_operational_phase_7_1

7.1 Data Storage - Damage Protection

all_controls_opensearch

OpenSearch

nist_csf_pr_ds_2

PR.DS-2

OpenSearch domains should use HTTPS

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: OpenSearch domains should use HTTPS

Description

Usage

SQL

Tags