Benchmark: Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know
Description
Unauthorized individuals may gain access to critical data or systems due to ineffective access control rules and definitions. To ensure critical data can only be accessed by authorized personnel, systems and processes must be in place to limit access based on need to know and according to job responsibilities.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select Requirement 7: Restrict Access to System Components and Cardholder Data by Business Need to Know.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_7Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.pci_dss_v40_requirement_7 --shareBenchmarks
- 7.2: Access to system components and data is appropriately defined and assigned
- 7.3: Access to system components and data is managed via an access control system(s)