πΌ [EventBridge.3] EventBridge custom event buses should have a resource-based policy attached
-
Contextual name: πΌ [EventBridge.3] EventBridge custom event buses should have a resource-based policy attached
-
ID:
/frameworks/aws-fsbp-v1.0.0/eventbridge/03 -
Located in: πΌ EventBridge
Descriptionβ
By default, an EventBridge custom event bus doesn't have a resource-based policy attached. This allows principals in the account to access the event bus. By attaching a resource-based policy to the event bus, you can limit access to the event bus to specified accounts, as well as intentionally grant access to entities in another account.
Similarβ
- AWS Security Hub
- Internal
- ID:
dec-c-dea41744
- ID:
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-2 Account Management | 13 | 17 | 30 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-2(1) Account Management _ Automated System Account Management | 4 | 16 | ||
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-3 Access Enforcement | 15 | 4 | 17 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-3(7) Access Enforcement _ Role-based Access Control | 7 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control | 10 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-5 Separation of Duties | 1 | |||
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-6 Least Privilege | 10 | 21 | 26 | |
| πΌ NIST SP 800-53 Revision 5 β πΌ AC-6(3) Least Privilege _ Network Access to Privileged Commands | 2 | |||
| πΌ PCI DSS v4.0.1 β πΌ 10.3.1 Read access to audit logs files is limited to those with a job-related need. |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|