turbot/aws_compliance

Query: cloudfront_distribution_sni_enabled

Usage

powerpipe query aws_compliance.query.cloudfront_distribution_sni_enabled

SQL

select
arn as resource,
case
when viewer_certificate ->> 'SSLSupportMethod' = 'sni-only' then 'ok'
else 'alarm'
end as status,
case
when viewer_certificate ->> 'SSLSupportMethod' = 'sni-only' then title || ' SNI enabled.'
else title || ' SNI disabled.'
end as reason
, region, account_id
from
aws_cloudfront_distribution;

Controls

The query is being used by the following controls: