Benchmark: Prohibited
Description
Prohibited tags may contain sensitive, confidential, or otherwise unwanted data and should be removed.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-tagsStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Prohibited.
Run this benchmark in your terminal:
powerpipe benchmark run aws_tags.benchmark.prohibitedSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_tags.benchmark.prohibited --shareControls
- Access Analyzer analyzers should not have prohibited tags
- API Gateway stages should not have prohibited tags
- CloudFront distributions should not have prohibited tags
- CloudTrail trails should not have prohibited tags
- CloudWatch alarms should not have prohibited tags
- CloudWatch log groups should not have prohibited tags
- CodeBuild projects should not have prohibited tags
- CodeCommit repositories should not have prohibited tags
- CodePipeline pipelines should not have prohibited tags
- Config rules should not have prohibited tags
- DAX clusters should not have prohibited tags
- Directory Service directories should not have prohibited tags
- DMS replication instances should not have prohibited tags
- DynamoDB tables should not have prohibited tags
- EBS snapshots should not have prohibited tags
- EBS volumes should not have prohibited tags
- EC2 application load balancers should not have prohibited tags
- EC2 classic load balancers should not have prohibited tags
- EC2 gateway load balancers should not have prohibited tags
- EC2 instances should not have prohibited tags
- EC2 network load balancers should not have prohibited tags
- EC2 reserved instances should not have prohibited tags
- ECR repositories should not have prohibited tags
- ECS container instances should not have prohibited tags
- ECS services should not have prohibited tags
- EFS file systems should not have prohibited tags
- EKS addons should not have prohibited tags
- EKS clusters should not have prohibited tags
- EKS identity provider configs should not have prohibited tags
- Elastic beanstalk applications should not have prohibited tags
- Elastic beanstalk environments should not have prohibited tags
- ElastiCache clusters should not have prohibited tags
- ElasticSearch domains should not have prohibited tags
- EventBridge rules should not have prohibited tags
- GuardDuty detectors should not have prohibited tags
- IAM roles should not have prohibited tags
- IAM server certificates should not have prohibited tags
- IAM users should not have prohibited tags
- Inspector assessment templates should not have prohibited tags
- Kinesis firehose delivery streams should not have prohibited tags
- KMS keys should not have prohibited tags
- Lambda functions should not have prohibited tags
- RDS DB cluster parameter groups should not have prohibited tags
- RDS DB clusters should not have prohibited tags
- RDS DB cluster snapshots should not have prohibited tags
- RDS DB instances should not have prohibited tags
- RDS DB option groups should not have prohibited tags
- RDS DB parameter groups should not have prohibited tags
- RDS DB snapshots should not have prohibited tags
- RDS DB subnet groups should not have prohibited tags
- Redshift clusters should not have prohibited tags
- Route53 domains should not have prohibited tags
- Route 53 Resolver endpoints should not have prohibited tags
- S3 buckets should not have prohibited tags
- SageMaker endpoint configurations should not have prohibited tags
- SageMaker models should not have prohibited tags
- SageMaker notebook instances should not have prohibited tags
- SageMaker training jobs should not have prohibited tags
- Secrets Manager secrets should not have prohibited tags
- SSM parameters should not have prohibited tags
- VPC elastic IP addresses should not have prohibited tags
- VPC NAT gateways should not have prohibited tags
- VPC network ACLs should not have prohibited tags
- VPCs should not have prohibited tags
- VPC security groups should not have prohibited tags
- Vpc VPN connections should not have prohibited tags
- WAFV2 ip sets should not have prohibited tags
- WAFV2 regex pattern sets should not have prohibited tags
- WAFV2 rule groups should not have prohibited tags
- WAFV2 web acls should not have prohibited tags