aws_compliance

Ensure that AWS Redshift cluster has 'enhancedVpcRouting' enabled. The rule is non-compliant if 'enhancedVpcRouting' is not enabled or if the configuration.enhancedVpcRouting field is 'false'.

redshift_cluster_enhanced_vpc_routing_enabled

pci_dss_v40_requirement_1_3_1

1.3.1: Inbound traffic to the CDE is restricted as follows: To only traffic that is necessary, All other traffic is specifically denied

pci_dss_v40_requirement_1_3_2

1.3.2: Outbound traffic from the CDE is restricted as follows: To only traffic that is necessary, All other traffic is specifically denied

pci_dss_v40_requirement_1_4_1

1.4.1: NSCs are implemented between trusted and untrusted networks

pci_dss_v40_requirement_1_4_2

1.4.2: Inbound traffic from untrusted networks to trusted networks is restricted

pci_dss_v40_requirement_1_4_4

1.4.4: System components that store cardholder data are not directly accessible from untrusted networks

gxp_21_cfr_part_11_11_10_g

11.10(g) Use of authority checks to ensure that only authorized individuals can use the system, electronically sign a record, access the operation or computer system input or output device, alter a record, or perform the operation at hand

hipaa_final_omnibus_security_rule_2013_164_312_e_1

164.312(e)(1) Transmission security

nist_800_172_3_1_3_e

3.1.3e Employ [Assignment: organization-defined secure information transfer solutions] to control information flows between security domains on connected systems

nist_800_171_rev_2_3_13_1

3.13.1 Monitor, control, and protect communications (i.e., information transmitted or received by organizational systems) at the external boundaries and key internal boundaries of organizational systems

nist_800_172_3_13_4_e

3.13.4e Employ [Selection: (one or more): [Assignment: organization-defined physical isolation techniques]; [Assignment: organization-defined logical isolation techniques]] in organizational systems and system components

nist_800_53_rev_5_ac_4_21

AC-4(21) Physical Or Logical Separation Of Infomation Flows

ffiec_d_3_pc_im_b_1

D3.PC.Im.B.1

nist_csf_pr_ac_3

PR.AC-3

nist_csf_pr_ac_5

PR.AC-5

nist_csf_v2_pr_ir_02

PR.IR-02

nist_csf_v2_pr_ir_04

PR.IR-04

nist_csf_pr_pt_3

PR.PT-3

all_controls_redshift

Redshift

nist_800_53_rev_5_sc_7_b

SC-7(b)

AWS Redshift enhanced VPC routing should be enabled

foundational_security_redshift_7

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, FFIEC, PCI, NIST, HIPAA, RBI CSF, GDPR, SOC 2, Audit Manager Control Tower, FedRAMP, GxP and AWS Foundational Security Best Practices controls across all your AWS accounts using Powerpipe and Steampipe.

AWS Compliance

Apache License 2.0

steampipe-mod-aws-compliance

Control: AWS Redshift enhanced VPC routing should be enabled

Description

Usage

SQL

Tags