aws_compliance

AWS Compliance

Checks if Service Endpoint for the service provided in rule parameter is created for each AWS Virtual Private Cloud (AWS VPC). The rule is non-compliant if an AWS VPC doesn't have an AWS VPC endpoint created for the service.

vpc_configured_to_use_vpc_endpoints

pci_dss_v321_requirement_1_3

1.3 Examine firewall and router configurations—including but not limited to the choke router at the Internet, the DMZ router and firewall, the DMZ cardholder segment, the perimeter router, and the internal cardholder network segment—and perform the following to determine that there is no direct access between the Internet and system components in the internal cardholder network segment

hipaa_security_rule_2003_164_314_b_1

164.314(b)(1) Requirements for group health plans

hipaa_final_omnibus_security_rule_2013_164_314_b_1

hipaa_security_rule_2003_164_314_b_2

164.314(b)(2) Implementation specifications

hipaa_final_omnibus_security_rule_2013_164_314_b_2

hipaa_final_omnibus_security_rule_2013_164_314_b_2_i

164.314(b)(2)(i)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_ii

164.314(b)(2)(ii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iii

164.314(b)(2)(iii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iv

164.314(b)(2)(iv)

pci_dss_v321_requirement_2_2_2

2.2.2 Enable only necessary services, protocols, daemons, etc., as required for the function of the system

nist_csf_pr_ac_3

PR.AC-3

nist_csf_pr_ac_4

PR.AC-4

nist_csf_pr_ac_5

PR.AC-5

nist_csf_pr_ds_5

PR.DS-5

nist_csf_pr_pt_3

PR.PT-3

nist_csf_pr_pt_4

PR.PT-4

all_controls_vpc

VPC should be configured to use VPC endpoints

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: VPC should be configured to use VPC endpoints

Description

Usage

SQL

Tags