v1.0 for Steampipe, Powerpipe, Flowpipe, 116 plugins, and 44 mods →
Powerpipe Hub 
Hub
Mods
turbot/ibm_compliance
Overview
1Dashboards
67Controls
20Queries
0Variables
GitHub

Control: 6.1.3 Ensure DDoS protection is Active on IBM Cloud Internet Services

Description

VPC access control lists filter all incoming and outgoing traffic in IBM Cloud VPC. An ACL is a built-in, virtual firewall where ACL rules control traffic to and from the subnets, rather than to and from the virtual servers. It is recommended that no ACL allows unrestricted ingress access to port 22.

Remediation

From Console

  1. Login to the IBM Cloud Portal.
  2. At the Menu icon, select VPC Infrastructure-->Access Control Lists.
  3. For each security group, perform the following: a. Select the access control list name. b. Identify the Inbound rule to be removed. c. Using the Options icon, select Delete.

Usage

Run the control in your terminal:

powerpipe control run ibm_compliance.control.cis_v100_6_1_3

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run ibm_compliance.control.cis_v100_6_1_3 --share

SQL

This control uses a named query:

internet_service_ddos_protection_active

Tags

category = Compliance
cis = true
cis_item_id = 6.1.3
cis_level = 1
cis_section_id = 6.1
cis_type = manual
cis_version = v1.0.0
plugin = ibm
service = IBM/CIS