Benchmark: RAM Shared Access
This benchmark answers the following questions:
- What resources are shared through RAM with untrusted accounts, organization units, and organizations using Resource Access Manager (RAM)?
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-perimeterStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select RAM Shared Access.
Run this benchmark in your terminal:
powerpipe benchmark run aws_perimeter.benchmark.ram_shared_accessSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_perimeter.benchmark.ram_shared_access --shareControls
- Resources shared through RAM should only be shared with trusted accounts
- Resources shared through RAM should only be shared with trusted OUs
- Resources shared through RAM should only be shared with trusted organizations