Benchmark: 2.1 Amazon Machine Images (AMI)
Amazon Machine Images (AMI)
This section contains recommendations for the security of Amazon Machine Images (AMIs) that you could utilize within the AWS EC2 Service. An Amazon Machine Image (AMI) is an image provided by AWS and its Partners. You must specify an AMI when you launch an instance. You can launch multiple instances from a single AMI when you require multiple instances with the same configuration. You can use different AMIs to launch instances when you require instances with different configurations.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/steampipe-mod-aws-compliance
Start the Powerpipe server:
steampipe service start
powerpipe server
Open http://localhost:9033 in your browser and select 2.1 Amazon Machine Images (AMI).
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.cis_compute_service_v100_2_1
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.cis_compute_service_v100_2_1 --share
Controls
- 2.1.1 Ensure Consistent Naming Convention is used for Organizational AMI
- 2.1.2 Ensure Images (AMI's) are encrypted
- 2.1.3 Ensure Only Approved AMIs (Images) are Used
- 2.1.4 Ensure Images (AMI) are not older than 90 days
- 2.1.5 Ensure Images are not Publicly Available