Resource Type: AWS > VPC > VPC

Resource Context

VPC is a part of the VPC service.

Each VPC lives under a Region.

Controls

The primary controls for AWS > VPC > VPC are:

• Active
• Approved
• CMDB
• Configured
• Discovery
• DNS Hostnames
• DNS Resolution
• Flow Logging
• ServiceNow
• Stack
• Tags
• Usage

It is also targeted by these controls:

• AWS > CIS v1 > 2 Logging > 2.09 Ensure VPC flow logging is enabled in all VPCs (Scored)
• AWS > CIS v1.4 > 3 - Logging > 3.09 - Ensure VPC flow logging is enabled in all VPCs (Automated)
• AWS > CIS v2.0 > 3 - Logging > 3.09 - Ensure VPC flow logging is enabled in all VPCs
• AWS > CIS v3.0 > 3 - Logging > 3.07 - Ensure VPC flow logging is enabled in all VPCs
• AWS > HIPAA > VPC > VPC flow logs should be enabled
• AWS > NIST 800-53 > VPC > VPC flow logs should be enabled
• AWS > PCI v3.2.1 > EC2 > 6 VPC flow logging should be enabled in all VPCs
• AWS > VPC > Egress Only Internet Gateway > Discovery
• AWS > VPC > Endpoint > Discovery
• AWS > VPC > Flow Log > Discovery
• AWS > VPC > Network ACL > Discovery
• AWS > VPC > Route Table > Discovery
• AWS > VPC > Security Group > Discovery
• AWS > VPC > Subnet > Discovery

Quick Actions

• Delete from AWS
• Set Tags
• Skip alarm for Active control
• Skip alarm for Active control [90 days]
• Skip alarm for Approved control
• Skip alarm for Approved control [90 days]
• Skip alarm for Tags control
• Skip alarm for Tags control [90 days]

Category

• Networking

In Your Workspace

• Controls by Resource Type report
• Policy Settings by Resource Type report
• Resources by Resource Type report

Developers

Resource Type URI

tmod:@turbot/aws-vpc-core#/resource/types/vpc

Category URI

tmod:@turbot/turbot#/resource/categories/networking

GraphQL

query resource(id: "tmod:@turbot/aws-vpc-core#/resource/types/vpc") { … }

query resourceActivities(filter: "resourceId:'tmod:@turbot/aws-vpc-core#/resource/types/vpc'") { … }

mutation createResource(input: { … })

mutation updateResource(input: { … })

CLI

Get Resource

turbot graphql resource --id "tmod:@turbot/aws-vpc-core#/resource/types/vpc"

Steampipe Query

Get Resource

select * from guardrails_resource where resource_type_uri = 'tmod:@turbot/aws-vpc-core#/resource/types/vpc';

Get Policy Settings (By Resource ID)

select * from guardrails_policy_setting where filter = 'resourceTypeId:"tmod:@turbot/aws-vpc-core#/resource/types/vpc"';

Get Resource Notification

select * from guardrails_notification where resource_type_uri = 'tmod:@turbot/aws-vpc-core#/resource/types/vpc' and notification_type in ('resource_updated', 'resource_created');