aws_compliance

AWS Compliance

This rule ensures the security groups are attached to an AWS Elastic Compute Cloud (AWS EC2) instance or to an ENI. This rule helps monitoring unused security groups in the inventory and the management of your environment.

vpc_security_group_associated_to_eni

cis_controls_v8_ig1_1_1

1.1 Establish and Maintain Detailed Enterprise Asset Inventory

nist_800_171_rev_2_3_4_1

3.4.1 Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles

nist_800_171_rev_2_3_4_2

3.4.2 Establish and enforce security configuration settings for information technology products employed in organizational systems

soc_2_cc_6_1

CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives

soc_2_cc_6_2

CC6.2 Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity

all_controls_vpc

VPC security groups should be associated with at least one ENI

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: VPC security groups should be associated with at least one ENI

Description

Usage

SQL

Tags