Skip to content

Commit

Permalink
Merge pull request #846 from turbot/release/v1.2.0
Browse files Browse the repository at this point in the history 
Release/v1.2.0
  • Loading branch information
@misraved
misraved authored Nov 21, 2024
2 parents c781267 + 238f702 commit 1235494
Show file tree
Hide file tree
Showing 45 changed files with 587 additions and 15 deletions.
8 changes: 7 additions & 1 deletion CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
## v1.2.0 [2024-11-21]

_What's new?_

- Added NYDFS 23 benchmark (`powerpipe benchmark run aws_compliance.benchmark.nydfs_23`). ([#844](https://github.com/turbot/steampipe-mod-aws-compliance/pull/844))

## v1.1.1 [2024-10-30]

_Bug fixes_
Expand All @@ -10,7 +16,7 @@ _Bug fixes_

_What's new?_

- Added CIS v4.0.0 benchmark (`steampipe check benchmark.cis_v400`). ([#836](https://github.com/turbot/steampipe-mod-aws-compliance/pull/836))
- Added CIS v4.0.0 benchmark (`powerpipe benchmark run aws_compliance.benchmark.cis_v400`). ([#836](https://github.com/turbot/steampipe-mod-aws-compliance/pull/836))
- Added `ebs_encryption_by_default_enabled` and `vpc_security_group_restrict_ingress_cifs_port_all` controls to the `All Controls` benchmark. ([#835](https://github.com/turbot/steampipe-mod-aws-compliance/pull/835))

_Enhancements_
Expand Down
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# AWS Compliance Mod for Powerpipe

540+ checks covering industry defined security best practices across all AWS regions. Includes full support for multiple best practice benchmarks including **the latest (v4.0.0) CIS benchmark**, CIS AWS Compute Services, PCI DSS, AWS Foundational Security, CISA Cyber Essentials, FedRAMP, FFIEC, GxP 21 CFR Part 11, GxP EU Annex 11, HIPAA Final Omnibus Security Rule 2013, HIPAA Security Rule 2003, NIST 800-53, NIST CSF, NIST 800-172, Reserve Bank of India, Audit Manager Control Tower, Australian Cyber Security Center (ACSC) Essential Eight, and more!
540+ checks covering industry defined security best practices across all AWS regions. Includes full support for multiple best practice benchmarks including **the latest (v4.0.0) CIS benchmark**, CIS AWS Compute Services, PCI DSS, AWS Foundational Security, CISA Cyber Essentials, FedRAMP, FFIEC, GxP 21 CFR Part 11, GxP EU Annex 11, HIPAA Final Omnibus Security Rule 2013, HIPAA Security Rule 2003, NIST 800-53, NIST CSF, NIST 800-172, NYDFS 23, Reserve Bank of India, Audit Manager Control Tower, Australian Cyber Security Center (ACSC) Essential Eight, and more!

Run checks in a dashboard:
![image](https://raw.githubusercontent.com/turbot/steampipe-mod-aws-compliance/main/docs/aws_cis_v400_dashboard.png)
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/acm.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand Down
4 changes: 4 additions & 0 deletions conformance_pack/apigateway.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -64,6 +65,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -85,6 +87,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
})
Expand Down Expand Up @@ -115,6 +118,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
})
Expand Down
2 changes: 2 additions & 0 deletions conformance_pack/autoscaling.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
})
Expand All @@ -60,6 +61,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
3 changes: 3 additions & 0 deletions conformance_pack/backup.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -42,6 +43,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -62,6 +64,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down
6 changes: 6 additions & 0 deletions conformance_pack/cloudtrail.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -68,6 +69,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -95,6 +97,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -121,6 +124,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -147,6 +151,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -172,6 +177,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
3 changes: 3 additions & 0 deletions conformance_pack/cloudwatch.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
tags = merge(local.conformance_pack_cloudwatch_common_tags, {
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -71,6 +72,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -94,6 +96,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
10 changes: 7 additions & 3 deletions conformance_pack/codebuild.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
hipaa_security_rule_2003 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -46,6 +47,7 @@
hipaa_security_rule_2003 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -80,6 +82,7 @@
hipaa_final_omnibus_security_rule_2013 = "true"
hipaa_security_rule_2003 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand All @@ -90,9 +93,10 @@
query = query.codebuild_project_artifact_encryption_enabled
tags = merge(local.conformance_pack_codebuild_common_tags, {
gxp_21_cfr_part_11 = "true"
gxp_eu_annex_11 = "true"
nist_csf = "true"
gxp_21_cfr_part_11 = "true"
gxp_eu_annex_11 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
5 changes: 3 additions & 2 deletions conformance_pack/dms.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -222,9 +223,9 @@
else title || ' source database logging disabled.'
end as reason
${local.tag_dimensions_sql}
${local.common_dimensions_sql}
${local.common_dimensions_sql}
from
aws_dms_replication_task as t
left join replication_task_logging as l on l.arn = t.arn;
left join replication_task_logging as l on l.arn = t.arn;
EOQ
}
4 changes: 4 additions & 0 deletions conformance_pack/dynamodb.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand All @@ -45,6 +46,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -68,6 +70,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
})
Expand All @@ -91,6 +94,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
4 changes: 4 additions & 0 deletions conformance_pack/ebs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -45,6 +46,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -85,6 +87,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -109,6 +112,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
5 changes: 5 additions & 0 deletions conformance_pack/ec2.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -97,6 +98,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -122,6 +124,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -177,6 +180,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -197,6 +201,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
1 change: 1 addition & 0 deletions conformance_pack/ecs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
2 changes: 2 additions & 0 deletions conformance_pack/efs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -44,6 +45,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/elasticache.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/elasticbeanstalk.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
hipaa_final_omnibus_security_rule_2013 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand Down
Loading

0 comments on commit 1235494

Please sign in to comment.