Benchmark: BP04 Automate compute protection
Description
Automate your protective compute mechanisms including vulnerability management, reduction in attack surface, and management of resources. The automation will help you invest time in securing other aspects of your workload, and reduce the risk of human error.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-well-architectedStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select BP04 Automate compute protection.
Run this benchmark in your terminal:
powerpipe benchmark run aws_well_architected.benchmark.well_architected_framework_sec06_bp04Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_well_architected.benchmark.well_architected_framework_sec06_bp04 --shareControls
- EC2 instances should have IAM profile attached
- EC2 instances should be managed by AWS Systems Manager
- EC2 instances should not use multiple ENIs
- EC2 stopped instances should be removed in 30 days