aws_compliance

AWS Compliance

Ensure the Instance Metadata Service Version 2 (IMDSv2) method is enabled to help protect access and control of AWS Elastic Compute Cloud (AWS EC2) instance metadata.

ec2_instance_uses_imdsv2

gxp_21_cfr_part_11_11_10_d

11.10(d) Limiting system access to authorized individuals

gxp_21_cfr_part_11_11_10_g

11.10(g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand

hipaa_final_omnibus_security_rule_2013_164_308_a_3_i

164.308(a)(3)(i) Workforce security

hipaa_final_omnibus_security_rule_2013_164_308_a_4_ii_c

164.308(a)(4)(ii)(C) Access establishment and modification

hipaa_final_omnibus_security_rule_2013_164_312_a_1

164.312(a)(1) Access control

cis_controls_v8_ig1_3_3

3.3 Configure Data Access Control Lists

nydfs_23_500_02_b_2

500.02(b)(2)

nist_800_53_rev_5_ac_2_6

AC-2(6) Dynamic Privilege Management

nist_800_53_rev_5_ac_3_12_a

AC-3(12)(a)

nist_800_53_rev_5_ac_3_13

AC-3(13) Attribute-Based Access Control

nist_800_53_rev_5_ac_3_15_a

AC-3(15)(a)

nist_800_53_rev_5_ac_3_15_b

AC-3(15)(b)

nist_800_53_rev_5_ac_3_3

AC-3(3) Mandatory Access Control

nist_800_53_rev_5_ac_3_3_a

AC-3(3)(a)

nist_800_53_rev_5_ac_3_3_b_1

AC-3(3)(b)(1)

nist_800_53_rev_5_ac_3_3_b_2

AC-3(3)(b)(2)

nist_800_53_rev_5_ac_3_3_b_3

AC-3(3)(b)(3)

nist_800_53_rev_5_ac_3_3_b_4

AC-3(3)(b)(4)

nist_800_53_rev_5_ac_3_3_b_5

AC-3(3)(b)(5)

nist_800_53_rev_5_ac_3_3_c

AC-3(3)(c)

nist_800_53_rev_5_ac_3_4

AC-3(4) Discretionary Access Control

nist_800_53_rev_5_ac_3_4_a

AC-3(4)(a)

nist_800_53_rev_5_ac_3_4_b

AC-3(4)(b)

nist_800_53_rev_5_ac_3_4_c

AC-3(4)(c)

nist_800_53_rev_5_ac_3_4_d

AC-3(4)(d)

nist_800_53_rev_5_ac_3_4_e

AC-3(4)(e)

nist_800_53_rev_5_ac_3_7

AC-3(7) Role-Based Access Control

nist_800_53_rev_5_ac_3_8

AC-3(8) Revocation Of Access Authorizations

nist_800_53_rev_5_ac_4_28

AC-4(28) Linear Filter Pipelines

nist_800_53_rev_5_ac_24

Access Control Decisions (AC-24)

fedramp_low_rev_4_ac_3

Access Enforcement (AC-3)

nist_800_53_rev_5_ac_3

fedramp_moderate_rev_4_ac_3

nist_800_53_rev_5_cm_5_1_a

CM-5(1)(a)

all_controls_ec2

nist_800_53_rev_4_ac_6

Least Privilege (AC-6)

nist_800_53_rev_5_ac_6

fedramp_moderate_rev_4_ac_6

nist_800_53_rev_5_mp_2

Media Access (MP-2)

nist_csf_pr_ac_4

PR.AC-4

nist_800_53_rev_5_sc_23_3

SC-23(3) Unique System-Generated Session Identifiers

EC2 instances should use IMDSv2

cis_compute_service_v100_2_8

cis_v200_5_6

cis_v300_5_6

cis_v400_5_7

foundational_security_ec2_8

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: EC2 instances should use IMDSv2

Description

Usage

SQL

Tags