Benchmark: RAM Shared Access
This benchmark answers the following questions:
- What resources are shared through RAM with untrusted accounts, organization units, and organizations using Resource Access Manager (RAM)?
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-perimeter
Start the Powerpipe server:
steampipe service startpowerpipe server
Open http://localhost:9033 in your browser and select RAM Shared Access.
Run this benchmark in your terminal:
powerpipe benchmark run aws_perimeter.benchmark.ram_shared_access
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_perimeter.benchmark.ram_shared_access --share
Controls
- Resources shared through RAM should only be shared with trusted accounts
- Resources shared through RAM should only be shared with trusted OUs
- Resources shared through RAM should only be shared with trusted organizations