aws_compliance

AWS Compliance

Ensure whether AWS Elastic Kubernetes Service (AWS EKS) endpoint is not publicly accessible. The rule is compliant if the endpoint is publicly accessible.

eks_cluster_endpoint_restrict_public_access

pci_dss_v321_requirement_1_3

1.3 Examine firewall and router configurations—including but not limited to the choke router at the Internet, the DMZ router and firewall, the DMZ cardholder segment, the perimeter router, and the internal cardholder network segment—and perform the following to determine that there is no direct access between the Internet and system components in the internal cardholder network segment

pci_dss_v321_requirement_2_2_2

2.2.2 Enable only necessary services, protocols, daemons, etc., as required for the function of the system

nist_800_171_rev_2_3_1_1

3.1.1 Limit system access to authorized users, processes acting on behalf of authorized users, and devices (including other systems)

nist_800_171_rev_2_3_1_2

3.1.2 Limit system access to the types of transactions and functions that authorized users are permitted to execute

nist_800_171_rev_2_3_1_3

3.1.3 Control the flow of CUI in accordance with approved authorizations

cis_controls_v8_ig1_3_3

3.3 Configure Data Access Control Lists

pci_dss_v321_requirement_7_2_1

7.2.1 Confirm that access control systems are in place on all system components

all_controls_eks

nist_csf_pr_ac_3

PR.AC-3

nist_csf_pr_ac_4

PR.AC-4

nist_csf_pr_ac_5

PR.AC-5

nist_csf_pr_ds_5

PR.DS-5

nist_csf_pr_ip_8

PR.IP-8

nist_csf_pr_pt_3

PR.PT-3

nist_csf_pr_pt_4

PR.PT-4

EKS clusters endpoint should restrict public access

foundational_security_eks_1

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: EKS clusters endpoint should restrict public access

Description

Usage

SQL

Tags