Skip to content

Commit

Permalink
Add benchmark for NYDFS 23 NYCRR 500 closes #843 (#844)
Browse files Browse the repository at this point in the history
  • Loading branch information
@khushboo9024
khushboo9024 authored Nov 20, 2024
1 parent c781267 commit c6fa5f2
Show file tree
Hide file tree
Showing 44 changed files with 580 additions and 14 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# AWS Compliance Mod for Powerpipe

540+ checks covering industry defined security best practices across all AWS regions. Includes full support for multiple best practice benchmarks including **the latest (v4.0.0) CIS benchmark**, CIS AWS Compute Services, PCI DSS, AWS Foundational Security, CISA Cyber Essentials, FedRAMP, FFIEC, GxP 21 CFR Part 11, GxP EU Annex 11, HIPAA Final Omnibus Security Rule 2013, HIPAA Security Rule 2003, NIST 800-53, NIST CSF, NIST 800-172, Reserve Bank of India, Audit Manager Control Tower, Australian Cyber Security Center (ACSC) Essential Eight, and more!
540+ checks covering industry defined security best practices across all AWS regions. Includes full support for multiple best practice benchmarks including **the latest (v4.0.0) CIS benchmark**, CIS AWS Compute Services, PCI DSS, AWS Foundational Security, CISA Cyber Essentials, FedRAMP, FFIEC, GxP 21 CFR Part 11, GxP EU Annex 11, HIPAA Final Omnibus Security Rule 2013, HIPAA Security Rule 2003, NIST 800-53, NIST CSF, NIST 800-172, NYDFS 23, Reserve Bank of India, Audit Manager Control Tower, Australian Cyber Security Center (ACSC) Essential Eight, and more!

Run checks in a dashboard:
![image](https://raw.githubusercontent.com/turbot/steampipe-mod-aws-compliance/main/docs/aws_cis_v400_dashboard.png)
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/acm.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand Down
4 changes: 4 additions & 0 deletions conformance_pack/apigateway.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -64,6 +65,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -85,6 +87,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
})
Expand Down Expand Up @@ -115,6 +118,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
})
Expand Down
2 changes: 2 additions & 0 deletions conformance_pack/autoscaling.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
})
Expand All @@ -60,6 +61,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
3 changes: 3 additions & 0 deletions conformance_pack/backup.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -42,6 +43,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -62,6 +64,7 @@
hipaa_security_rule_2003 = "true"
nist_800_171_rev_2 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down
6 changes: 6 additions & 0 deletions conformance_pack/cloudtrail.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -68,6 +69,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -95,6 +97,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -121,6 +124,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -147,6 +151,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -172,6 +177,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
3 changes: 3 additions & 0 deletions conformance_pack/cloudwatch.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@
tags = merge(local.conformance_pack_cloudwatch_common_tags, {
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -71,6 +72,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -94,6 +96,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
10 changes: 7 additions & 3 deletions conformance_pack/codebuild.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,6 +26,7 @@
hipaa_security_rule_2003 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -46,6 +47,7 @@
hipaa_security_rule_2003 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -80,6 +82,7 @@
hipaa_final_omnibus_security_rule_2013 = "true"
hipaa_security_rule_2003 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand All @@ -90,9 +93,10 @@
query = query.codebuild_project_artifact_encryption_enabled
tags = merge(local.conformance_pack_codebuild_common_tags, {
gxp_21_cfr_part_11 = "true"
gxp_eu_annex_11 = "true"
nist_csf = "true"
gxp_21_cfr_part_11 = "true"
gxp_eu_annex_11 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
5 changes: 3 additions & 2 deletions conformance_pack/dms.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -222,9 +223,9 @@
else title || ' source database logging disabled.'
end as reason
${local.tag_dimensions_sql}
${local.common_dimensions_sql}
${local.common_dimensions_sql}
from
aws_dms_replication_task as t
left join replication_task_logging as l on l.arn = t.arn;
left join replication_task_logging as l on l.arn = t.arn;
EOQ
}
4 changes: 4 additions & 0 deletions conformance_pack/dynamodb.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand All @@ -45,6 +46,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -68,6 +70,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
})
Expand All @@ -91,6 +94,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
4 changes: 4 additions & 0 deletions conformance_pack/ebs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
soc_2 = "true"
})
Expand All @@ -45,6 +46,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -85,6 +87,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -109,6 +112,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
5 changes: 5 additions & 0 deletions conformance_pack/ec2.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_4 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
})
Expand Down Expand Up @@ -97,6 +98,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand All @@ -122,6 +124,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down Expand Up @@ -177,6 +180,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_itf_nbfc = "true"
soc_2 = "true"
Expand All @@ -197,6 +201,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
1 change: 1 addition & 0 deletions conformance_pack/ecs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,6 +68,7 @@
nist_800_171_rev_2 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
})
}

Expand Down
2 changes: 2 additions & 0 deletions conformance_pack/efs.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
soc_2 = "true"
Expand All @@ -44,6 +45,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/elasticache.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,6 +74,7 @@
nist_800_53_rev_4 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
pci_dss_v321 = "true"
rbi_cyber_security = "true"
rbi_itf_nbfc = "true"
Expand Down
1 change: 1 addition & 0 deletions conformance_pack/elasticbeanstalk.pp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
hipaa_final_omnibus_security_rule_2013 = "true"
nist_800_53_rev_5 = "true"
nist_csf = "true"
nydfs_23 = "true"
rbi_itf_nbfc = "true"
})
}
Expand Down
Loading

0 comments on commit c6fa5f2

Please sign in to comment.