aws_compliance

AWS Compliance

This control checks if AWS OpenSearch Service nodes are encrypted end to end. The rule is non-compliant if the node-to-node encryption is not enabled on the domain.

opensearch_domain_node_to_node_encryption_enabled

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

hipaa_security_rule_2003_164_312_c_1

164.312(c)(1) Integrity

hipaa_final_omnibus_security_rule_2013_164_312_c_1

hipaa_security_rule_2003_164_312_e_1

164.312(e)(1) Transmission security

hipaa_final_omnibus_security_rule_2013_164_312_e_1

hipaa_security_rule_2003_164_314_b_1

164.314(b)(1) Requirements for group health plans

hipaa_final_omnibus_security_rule_2013_164_314_b_1

hipaa_security_rule_2003_164_314_b_2

164.314(b)(2) Implementation specifications

hipaa_final_omnibus_security_rule_2013_164_314_b_2

hipaa_final_omnibus_security_rule_2013_164_314_b_2_i

164.314(b)(2)(i)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_ii

164.314(b)(2)(ii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iii

164.314(b)(2)(iii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iv

164.314(b)(2)(iv)

nist_800_172_3_1_3_e

3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems

nist_800_171_rev_2_3_13_8

3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards

nydfs_23_500_02_a

500.02(a)

nydfs_23_500_15_a

500.15(a)

gxp_eu_annex_11_operational_phase_7_1

7.1 Data Storage - Damage Protection

all_controls_opensearch

OpenSearch

nist_csf_pr_ds_2

PR.DS-2

OpenSearch domains node-to-node encryption should be enabled

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: OpenSearch domains node-to-node encryption should be enabled

Description

Usage

SQL

Tags