Benchmark: VPC Detections
Description
This benchmark contains recommendations when scanning CloudTrail logs for VPC events.
Usage
Install the mod:
mkdir dashboards
cd dashboards
powerpipe mod init
powerpipe mod install github.com/turbot/tailpipe-mod-aws-cloudtrail-log-detections
Start the Powerpipe server:
powerpipe server
Open http://localhost:9033 in your browser and select VPC Detections.
Run this benchmark in your terminal:
powerpipe benchmark run aws_cloudtrail_log_detections.benchmark.vpc_detections
Snapshot and share results via Turbot Pipes:
powerpipe benchmark run aws_cloudtrail_log_detections.benchmark.vpc_detections --share
Detections
- VPC Classic Link Enabled
- VPC Created
- VPC Deleted
- VPC Flow Log Deleted
- VPC Internet Gateway Added to Public Route Table
- VPC Internet Gateway Detached
- VPC Network ACL Entry Updated With Allow Public Access
- VPC Network ACL Entry Updated
- VPC Peering Connection Deleted
- VPC Route Table Association Replaced
- VPC Route Table Deleted
- VPC Route Table Route Deleted
- VPC Route Table Route Disassociated
- VPC Security Group Deleted
- VPC Security Group Ingress/Egress Rule Authorized to Allow All
- VPC Security Group Ingress/Egress Rule Updated