aws_compliance

AWS Compliance

This control checks whether IMDSv2 is enabled on all instances launched by AWS EC2 Auto Scaling groups. The control fails if the Instance Metadata Service (IMDS) version is not included in the launch configuration or if both IMDSv1 and IMDSv2 are enabled.

autoscaling_launch_config_requires_imdsv2

pci_dss_v321_requirement_1_3_3

1.3.3 Examine firewall and router configurations to verify that anti-spoofing measures are implemented, for example internal addresses cannot pass from the Internet into the DMZ

pci_dss_v321_requirement_1_3_4

1.3.4 Do not allow unauthorized outbound traffic from the cardholder data environment to the Internet

pci_dss_v321_requirement_2_2_a

2.2.a Examine the organization's system configuration standards for all types of system components and verify the system configuration standards are consistent with industry-accepted hardening standards

pci_dss_v321_requirement_2_2_d

2.2.d Verify that system configuration standards include the procedures like changing of all vendor-supplied defaults and elimination of unnecessary default accounts etc. for all types of system components

all_controls_autoscaling

Auto Scaling

nist_csf_pr_ip_1

PR.IP-1

Auto Scaling group should configure EC2 instances to require Instance Metadata Service Version 2 (IMDSv2)

foundational_security_autoscaling_3

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: Auto Scaling group should configure EC2 instances to require Instance Metadata Service Version 2 (IMDSv2)

Description

Usage

SQL

Tags