aws_compliance

AWS Compliance

Ensure that your AWS Redshift clusters require TLS/SSL encryption to connect to SQL clients.

redshift_cluster_encryption_in_transit_enabled

gxp_21_cfr_part_11_11_10_c

11.10(c) Protection of records to enable their accurate and ready retrieval throughout the records retention period

gxp_21_cfr_part_11_11_30

11.30 Controls for open systems

hipaa_final_omnibus_security_rule_2013_164_308_a_1_ii_b

164.308(a)(1)(ii)(B) Risk management

hipaa_security_rule_2003_164_308_a_1_ii_b

hipaa_final_omnibus_security_rule_2013_164_308_a_4_ii_a

164.308(a)(4)(ii)(A) Isolating healthcare clearing house functions

hipaa_security_rule_2003_164_308_a_4_ii_a

hipaa_final_omnibus_security_rule_2013_164_312_a_2_iv

164.312(a)(2)(iv) Encryption and decryption

hipaa_final_omnibus_security_rule_2013_164_312_c_1

164.312(c)(1) Integrity

hipaa_security_rule_2003_164_312_c_1

hipaa_security_rule_2003_164_312_e_1

164.312(e)(1) Transmission security

hipaa_final_omnibus_security_rule_2013_164_312_e_1

hipaa_final_omnibus_security_rule_2013_164_312_e_2_i

164.312(e)(2)(i) Integrity controls

hipaa_security_rule_2003_164_312_e_2_i

hipaa_final_omnibus_security_rule_2013_164_312_e_2_ii

164.312(e)(2)(ii) Encryption

hipaa_final_omnibus_security_rule_2013_164_314_b_1

164.314(b)(1) Requirements for group health plans

hipaa_security_rule_2003_164_314_b_1

hipaa_final_omnibus_security_rule_2013_164_314_b_2

164.314(b)(2) Implementation specifications

hipaa_security_rule_2003_164_314_b_2

hipaa_final_omnibus_security_rule_2013_164_314_b_2_i

164.314(b)(2)(i)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_ii

164.314(b)(2)(ii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iii

164.314(b)(2)(iii)

hipaa_final_omnibus_security_rule_2013_164_314_b_2_iv

164.314(b)(2)(iv)

pci_dss_v321_requirement_2_3

2.3 Encrypt all non-console administrative access using strong cryptography

nist_800_171_rev_2_3_1_13

3.1.13 Employ cryptographic mechanisms to protect the confidentiality of remote access sessions

nist_800_172_3_1_3_e

3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems

rbi_itf_nbfc_3_1_i

3.1.i Public Key Infrastructure (PKI)

nist_800_171_rev_2_3_13_1

3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

nist_800_171_rev_2_3_13_11

3.13.11 Employ FIPS-validated cryptography when used to protect the confidentiality of CUI

nist_800_171_rev_2_3_13_5

3.13.5 Implement subnetworks for publicly accessible system components that are physically or logically separated from internal networks

nist_800_171_rev_2_3_13_8

3.13.8 Implement cryptographic mechanisms to prevent unauthorized disclosure of CUI during transmission unless otherwise protected by alternative physical safeguards

pci_dss_v321_requirement_4_1

4.1 Use strong cryptography and security protocols to safeguard sensitive cardholder data during transmission over open, public networks

pci_dss_v321_requirement_4_1_a

4.1.a Identify all locations where cardholder data is transmitted or received over open, public networks

pci_dss_v321_requirement_4_1_g

4.1.g For TLS implementations, examine system configurations to verify that TLS is enabled whenever cardholder data is transmitted or received

nydfs_23_500_02_a

500.02(a)

nydfs_23_500_15_a

500.15(a)

pci_dss_v321_requirement_8_2_1

8.2.1 Using strong cryptography, render all authentication credentials (such as passwords/phrases) unreadable during transmission and storage on all system components

pci_dss_v321_requirement_8_2_1_a

8.2.1.a Examine vendor documentation and system configuration settings to verify that passwords are protected with strong cryptography during transmission and storage

fedramp_moderate_rev_4_ac_17_2

AC-17(2) Protection Of Confidentiality/Integrity Using Encryption

nist_800_53_rev_4_ac_17_2

nist_800_53_rev_5_ac_24_1

AC-24(1)

nist_800_53_rev_5_ac_4_22

AC-4(22) Access Only

nist_800_53_rev_5_au_9_3

AU-9(3) Cryptographic Protection

rbi_cyber_security_annex_i_1_3

Annex I (1.3)

article_32

Article 32 Security of processing

fedramp_low_rev_4_sc_7

Boundary Protection (SC-7)

nist_800_53_rev_4_sc_7

fedramp_moderate_rev_4_sc_7

nist_800_53_rev_5_ca_9_b

CA-9(b)

soc_2_cc_6_1

CC6.1 The entity implements logical access security software, infrastructure, and architectures over protected information assets to protect them from security events to meet the entity's objectives

soc_2_cc_6_2

CC6.2 Prior to issuing system credentials and granting system access, the entity registers and authorizes new internal and external users whose access is administered by the entity

soc_2_cc_6_7

CC6.7 The entity restricts the transmission, movement, and removal of information to authorized internal and external users and processes, and protects it during transmission, movement, or removal to meet the entity’s objectives

ffiec_d_3_pc_am_b_12

D3.PC.Am.B.12

ffiec_d_3_pc_am_b_13

D3.PC.Am.B.13

ffiec_d_3_pc_am_b_15

D3.PC.Am.B.15

nist_800_53_rev_5_ac_4

Information Flow Enforcement (AC-4)

nist_800_53_rev_5_pm_17_b

PM-17(b)

nist_csf_pr_ds_2

PR.DS-2

all_controls_redshift

Redshift

fedramp_low_rev_4_ac_17

Remote Access (AC-17)

nist_800_53_rev_5_sc_13_a

SC-13(a)

nist_800_53_rev_5_sc_7_4_b

SC-7(4)(b)

nist_800_53_rev_5_sc_7_4_g

SC-7(4)(g)

nist_800_53_rev_5_sc_7_5

SC-7(5) Deny By Default — Allow By Exception

nist_800_53_rev_4_sc_8_1

SC-8(1) Cryptographic Or Alternate Physical Protection

fedramp_moderate_rev_4_sc_8_1

nist_800_53_rev_5_sc_8_1

SC-8(1) Cryptographic Protection

nist_800_53_rev_5_sc_8_2

SC-8(2) Pre- And Post-Transmission Handling

nist_800_53_rev_5_sc_8_3

SC-8(3) Cryptographic Protection For Message Externals

nist_800_53_rev_5_sc_8_4

SC-8(4) Conceal Or Ramdomize Communications

nist_800_53_rev_5_sc_8_5

SC-8(5) Protected Distribution System

nist_800_53_rev_5_si_1_a_2

SI-1(a)(2)

nist_800_53_rev_5_si_1_c_2

SI-1(c)(2)

fedramp_moderate_rev_4_sc_23

Session Authenticity (SC-23)

nist_800_53_rev_5_sc_23

nist_800_53_rev_5_sc_8

Transmission Confidentiality And Integrity (SC-8)

nist_800_53_rev_4_sc_8

fedramp_moderate_rev_4_sc_8

Transmission Integrity (SC-8)

cisa_cyber_essentials_your_data_2

Your Data-2

cisa_cyber_essentials_your_systems_3

Your Systems-3

Redshift cluster encryption in transit should be enabled

foundational_security_redshift_2

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

Apache License 2.0

steampipe-mod-aws-compliance

Control: Redshift cluster encryption in transit should be enabled

Description

Usage

SQL

Tags