Benchmark: MSK
Overview
This section contains recommendations for configuring AWS MSK resources and options.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-aws-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select MSK.
Run this benchmark in your terminal:
powerpipe benchmark run aws_compliance.benchmark.foundational_security_mskSnapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_compliance.benchmark.foundational_security_msk --shareControls
- 1 MSK clusters should be encrypted in transit among broker nodes
- 3 MSK Connect connectors should be encrypted in transit
- 4 MSK clusters should have public access disabled
- 5 MSK connectors should have logging enabled
- 6 MSK clusters should disable unauthenticated access