Benchmark: 2.1 Cloud Object Storage
Description
Cloud Object Storage stores encrypted and dispersed data across multiple geographic locations. Information stored with IBM Cloud Object Storage is encrypted and dispersed across multiple geographic locations, and accessed over popular protocols like HTTPS using a modern RESTful API.
Usage
Install the mod:
mkdir dashboardscd dashboardspowerpipe mod initpowerpipe mod install github.com/turbot/steampipe-mod-ibm-complianceStart the Powerpipe server:
steampipe service startpowerpipe serverOpen http://localhost:9033 in your browser and select 2.1 Cloud Object Storage.
Run this benchmark in your terminal:
powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_1Snapshot and share results via Turbot Pipes:
powerpipe benchmark run ibm_compliance.benchmark.cis_v100_2_1 --shareBenchmarks
Controls
- 2.1.2 Ensure network access for Cloud Object Storage is restricted to specific IP range
- 2.1.3 Ensure network access for Cloud Object Storage is set to be exposed only on Private end-points
- 2.1.4 Ensure Cloud Object Storage bucket access is restricted by using IAM and S3 access control
- 2.1.5 Disable public (anonymous) access to IBM Cloud Object Storage buckets