💼 [EventBridge.3] EventBridge custom event buses should have a resource-based policy attached
-
Contextual name: 💼 [EventBridge.3] EventBridge custom event buses should have a resource-based policy attached
-
ID:
/frameworks/aws-fsbp-v1.0.0/eventbridge/03 -
Located in: 💼 EventBridge
Description​
By default, an EventBridge custom event bus doesn't have a resource-based policy attached. This allows principals in the account to access the event bus. By attaching a resource-based policy to the event bus, you can limit access to the event bus to specified accounts, as well as intentionally grant access to entities in another account.
Similar​
- AWS Security Hub
- Internal
- ID:
dec-c-dea41744
- ID:
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-2 Account Management | 13 | 20 | 34 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-2(1) Account Management _ Automated System Account Management | 4 | 16 | ||
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-3 Access Enforcement | 15 | 5 | 37 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-3(7) Access Enforcement _ Role-based Access Control | 14 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-3(15) Access Enforcement _ Discretionary and Mandatory Access Control | 11 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-5 Separation of Duties | 13 | |||
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-6 Least Privilege | 10 | 23 | 49 | |
| 💼 NIST SP 800-53 Revision 5 → 💼 AC-6(3) Least Privilege _ Network Access to Privileged Commands | 2 | |||
| 💼 PCI DSS v4.0.1 → 💼 10.3.1 Read access to audit logs files is limited to those with a job-related need. |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|