aws_compliance

AWS Compliance

This control checks whether AWS Config is enabled in the account for the local Region and is recording all resources.

config_enabled_all_regions

gxp_eu_annex_11_general_1

1 Risk Management

gxp_eu_annex_11_operational_phase_10

10 Change and Configuration Management

pci_dss_v321_requirement_10_5_2

10.5.2 Current audit trail files are protected from unauthorized modifications via access control mechanisms, physical segregation, and/or network segregation

pci_dss_v321_requirement_11_5

11.5 Deploy a change-detection mechanism (for example, file-integrity monitoring tools) to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical system files, configuration files, or content files; and configure the software to perform critical file comparisons at least weekly

pci_dss_v321_requirement_11_5_a

11.5.a Verify the use of a change-detection mechanism by observing system settings and monitored files, as well as reviewing results from monitoring activities

pci_dss_v321_requirement_11_5_b

11.5.b Verify the mechanism is configured to alert personnel to unauthorized modification (including changes, additions, and deletions) of critical files, and to perform critical file comparisons at least weekly

hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_a

164.308(a)(1)(ii)(A) Risk analysis

hipaa_security_rule_2003_164_308_a_1_ii_a

nist_800_171_rev_2_2_2

2.2. List all software components installed on the system

pci_dss_v321_requirement_2_4

2.4 Maintain an inventory of system components that are in scope for PCI DSS

pci_dss_v321_requirement_2_4_a

2.4.a Examine system inventory to verify that a list of hardware and software components is maintained and includes a description of function/use for each

nist_800_171_rev_2_3_12_1

3.12.1 Periodically assess the security controls in organizational systems to determine if the controls are effective in their application

nist_800_171_rev_2_3_12_3

3.12.3 Monitor security controls on an ongoing basis to ensure the continued effectiveness of the controls

nist_800_171_rev_2_3_12_4

3.12.4 Develop, document, and periodically update system security plans that describe system boundaries, system environments of operation, how security requirements are implemented, and the relationships with or connections to other systems

nist_800_171_rev_2_3_4_2

3.4.2 Establish and enforce security configuration settings for information technology products employed in organizational systems

nist_800_171_rev_2_3_4_3

3.4.3 Track, review, approve or disapprove, and log changes to organizational systems

nist_800_171_rev_2_3_4_4

3.4.4 Analyze the security impact of changes prior to implementation

nist_800_171_rev_2_3_4_5

3.4.5 Define, document, approve, and enforce physical and logical access restrictions associated with changes to organizational systems

gxp_eu_annex_11_project_phase_4_5

4.5 Validation - Development Quality

gxp_eu_annex_11_project_phase_4_6

4.6 Validation - Quality and Performance

article_25

Article 25 Data protection by design and by default

article_30

Article 30 Records of processing activities

soc_2_cc_2_1

CC2.1 COSO Principle 13: The entity obtains or generates and uses relevant, quality information to support the functioning of internal control

soc_2_cc_3_1

CC3.1 COSO Principle 6: The entity specifies objectives with sufficient clarity to enable the identification and assessment of risks relating to objectives

soc_2_cc_3_4

CC3.4 COSO Principle 9: The entity identifies and assesses changes that could significantly impact the system of internal control

soc_2_cc_8_1

CC8.1 The entity authorizes, designs, develops or acquires, configures, documents, tests, approves, and implements changes to infrastructure, data, software, and procedures to meet its objectives

all_controls_config

Config

nist_csf_de_cm_2

DE.CM-2

nist_csf_id_am_1

ID.AM-1

nist_csf_id_ra_1

ID.RA-1

nist_csf_id_ra_5

ID.RA-5

nist_csf_id_sc_4

ID.SC-4

nist_csf_pr_ip_12

PR.IP-12

AWS Config should be enabled

cis_v120_2_5

cis_v130_3_5

cis_v140_3_5

cis_v150_3_5

cis_v200_3_5

cis_v300_3_3

cis_v400_3_3

foundational_security_config_1

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: AWS Config should be enabled

Description

Usage

SQL

Tags