bug: cloudfront/origin_access_identity_enabled.sql would like to be removed?

[sabe6]

Is there an existing issue for this?

• I have searched the existing issues

Current Behavior

https://github.com/cloudquery/cloudquery/blob/main/plugins/source/aws/policies/queries/cloudfront/origin_access_identity_enabled.sql

CloudFront.2 control says:

Security Hub will remove this control in August 2023

Also current sql would not distinguish OAI and OAC configuration(it will result in false positive), and DomainName target seems to be filter legacy s3 global endpoint only. So current script looks like obsolete.

Expected Behavior

Patch N/A

CloudQuery (redacted) config

N/A

Steps To Reproduce

No response

CloudQuery (redacted) logs

N/A

CloudQuery version

main

Additional Context

No response

Pull request (optional)

• I can submit a pull request

[ronsh12]

[CloudFront.2] Enable CloudFront origin access identity – Security Hub now recommends [CloudFront.13] using origin access control as the best security practice; therefore, [CloudFront.2] can be removed.