Ensure VPC peering connections are only established with explicitly authorized destinations to limit network exposure and enforce boundary controls.
Restrict VPC Peering to Authorized Accounts
CCC.VPC.CN03 · Networking
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.VPC.CP11 | Connectivity Options - VPC Peering | Establishing a private connection between two VPCs to communicate seamlessly. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.VPC.TH03 | Unauthorized Network Access Through VPC Peering | Unauthorized VPC peering connections can allow network traffic between untrusted or unapproved subscriptions, leading to potential data exposure or exfiltration. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.VPC.CN03.AR01 | When a VPC peering connection is requested, the service MUST prevent connections from VPCs that are not explicitly allowed. | tlp-green, tlp-amber, tlp-red |
Guideline Mappings
| Framework | ID | Remarks |
|---|---|---|
| NIST-CSF | PR.AC-3 | |
| CCM | IVS-01 | |
| ISO_27001 | 2013 A.13.1.3 | |
| NIST_800_53 | AC-4 | |