aws_compliance

AWS Compliance

An inventory of the software platforms and applications within the organization is possible by managing AWS Elastic Compute Cloud (AWS EC2) instances with AWS Systems Manager.

ec2_instance_ssm_managed

gxp_21_cfr_part_11_11_10_a

11.10(a) Validation of systems to ensure accuracy, reliability, consistent intended performance, and the ability to discern invalid or altered records

gxp_21_cfr_part_11_11_10_h

11.10(h) Use of device (e.g., terminal) checks to determine, as appropriate, the validity of the source of data input or operational instruction

cis_controls_v8_ig1_12_1

12.1 Ensure Network Infrastructure is Up-to-Date

hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_b

164.308(a)(1)(ii)(B) Risk management

hipaa_security_rule_2003_164_308_a_1_ii_b

hipaa_final_omnibus_security_rule_2013_164_308_a_5_ii_b

164.308(a)(5)(ii)(B) Protection from malicious software

hipaa_security_rule_2003_164_308_a_5_ii_b

nist_800_171_rev_2_2_2

2.2. List all software components installed on the system

pci_dss_v321_requirement_2_2_4

2.2.4 Configure system security parameters to prevent misuse

pci_dss_v321_requirement_2_2_5_b

2.2.5.b. Examine the documentation and security parameters to verify enabled functions are documented and support secure configuration

pci_dss_v321_requirement_2_4

2.4 Maintain an inventory of system components that are in scope for PCI DSS

rbi_itf_nbfc_3_1_a

3.1.a Identification and Classification of Information Assets

nist_800_171_rev_2_3_14_2

3.14.2 Provide protection from malicious code at designated locations within organizational systems

nist_800_172_3_14_7_e

3.14.7e Verify the correctness of [Assignment: organization-defined security critical or essential software, firmware, and hardware components] using [Assignment: organization-defined verification methods or techniques].

rbi_itf_nbfc_3_3

3.3 Vulnerability Management

nist_800_171_rev_2_3_4_1

3.4.1 Establish and maintain baseline configurations and inventories of organizational systems (including hardware, software, firmware, and documentation) throughout the respective system development life cycles

nist_800_171_rev_2_3_4_2

3.4.2 Establish and enforce security configuration settings for information technology products employed in organizational systems

nist_800_172_3_4_3_e

3.4.3e Employ automated discovery and management tools to maintain an up-to-date, complete, accurate, and readily available inventory of system components

nist_800_171_rev_2_3_4_6

3.4.6 Employ the principle of least functionality by configuring organizational systems to provide only essential capabilities

nist_800_171_rev_2_3_4_9

3.4.9 Control and monitor user-installed software

rbi_itf_nbfc_3_5

3.5 Cyber Crisis Management Plan

pci_dss_v321_requirement_6_2

6.2 Ensure that all system components and software are protected from known vulnerabilities by installing applicable vendor- supplied security patches

rbi_cyber_security_annex_i_1_1

Annex I (1.1)

fedramp_moderate_rev_4_si_2_2

Automated Flaw Remediation Status (SI-2(2))

fedramp_moderate_rev_4_cm_2

Baseline Configuration (CM-2)

nist_800_53_rev_4_cm_2

fedramp_low_rev_4_cm_2

soc_2_cc_3_2

CC3.2 COSO Principle 7: The entity identifies risks to the achievement of its objectives across the entity and analyzes risks as a basis for determining how the risks should be managed

soc_2_cc_6_1

CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives

soc_2_cc_6_2

CC6.2 Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity

soc_2_cc_7_1

CC7.1 To meet its objectives, the entity uses detection and monitoring procedures to identify (1) changes to configurations that result in the introduction of new vulnerabilities, and (2) susceptibilities to newly discovered vulnerabilities

nist_800_53_rev_5_cm_2_2

CM-2(2) Automation Support For Accuracy And Currency

nist_800_53_rev_5_cm_2_a

CM-2(a)

nist_800_53_rev_5_cm_2_b

CM-2(b)

nist_800_53_rev_5_cm_2_b_1

CM-2(b)(1)

nist_800_53_rev_5_cm_2_b_2

CM-2(b)(2)

nist_800_53_rev_5_cm_2_b_3

CM-2(b)(3)

nist_800_53_rev_5_cm_3_3

CM-3(3) Automated Change Implementation

fedramp_moderate_rev_4_cm_7_a

CM-7(a)

fedramp_moderate_rev_4_cm_8_1

CM-8(1)

nist_800_53_rev_4_cm_8_1

CM-8(1) Updates During Installation / Removals

nist_800_53_rev_5_cm_8_1

CM-8(1) Updates During Installation And Removals

nist_800_53_rev_5_cm_8_2

CM-8(2) Automated Maintenance

nist_800_53_rev_4_cm_8_3

CM-8(3) Automated Unauthorized Component Detection

fedramp_moderate_rev_4_cm_8_3_a

CM-8(3)(a)

nist_800_53_rev_5_cm_8_3_a

nist_800_53_rev_5_cm_8_6

CM-8(6) Assessed Configurations And Approved Deviations

nist_800_53_rev_5_cm_8_a

CM-8(a)

nist_800_53_rev_5_cm_8_a_1

CM-8(a)(1)

nist_800_53_rev_5_cm_8_a_2

CM-8(a)(2)

nist_800_53_rev_5_cm_8_a_3

CM-8(a)(3)

nist_800_53_rev_5_cm_8_a_4

CM-8(a)(4)

nist_800_53_rev_5_cm_8_a_5

CM-8(a)(5)

nist_800_53_rev_5_cm_8_b

CM-8(b)

nist_800_53_rev_5_cm_6

Configuration Settings (CM-6)

ffiec_d_1_g_it_b_1

D1.G.IT.B.1

ffiec_d_3_pc_im_b_5

D3.PC.Im.B.5

nist_800_53_rev_4_sa_10

Developer Configuration Management (SA-10)

fedramp_moderate_rev_4_sa_10

nist_csf_id_am_1

ID.AM-1

nist_csf_id_am_2

ID.AM-2

fedramp_low_rev_4_cm_8

Information System Component Inventory (CM-8)

nist_800_53_rev_4_cm_7

Least Functionality (CM-7)

nist_csf_pr_ds_3

PR.DS-3

nist_csf_pr_ds_7

PR.DS-7

nist_csf_pr_ds_8

PR.DS-8

nist_csf_pr_ip_1

PR.IP-1

nist_csf_pr_ip_12

PR.IP-12

nist_csf_pr_ip_2

PR.IP-2

fedramp_moderate_rev_4_sa_3_a

SA-3(a)

nist_800_53_rev_4_si_2_2

SI-2(2) Automates Flaw Remediation Status

nist_800_53_rev_5_si_3_c_2

SI-3(c)(2)

nist_800_53_rev_4_si_7_1

SI-7(1) Integrity Checks

fedramp_moderate_rev_4_si_7_1

all_controls_ssm

nist_800_53_rev_4_sa_3

System Development Life Cycle (SA-3)

fedramp_low_rev_4_sa_3

cisa_cyber_essentials_your_systems_1

Your Systems-1

EC2 instances should be managed by AWS Systems Manager

cis_compute_service_v100_2_9

foundational_security_ssm_1

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: EC2 instances should be managed by AWS Systems Manager

Description

Usage

SQL

Tags