iCompaas Support

IAM Policies 42

• Ensure there are no EC2 AMIs set as Public
• Ensure users of groups with AdministratorAccess policy have MFA tokens enabled
• Ensure there are no EBS Snapshots set as Public
• Ensure there are no S3 buckets open to the Everyone or Any AWS user
• Ensure there are no Security Groups without ingress filtering being used

View all 42

AWS Services 131

• Ensure there are no ECR repositories set as Public
• Ensure there are no Public Accessible RDS instances
• Ensure there are no internet facing Elastic Load Balancers
• Ensure there are no internet facing EC2 Instances
• Ensure Redshift Cluster is not publicly accessible

View all 131

VPC Policies 20

• Ensure Security Groups do not allow unrestricted ingress access to any port
• Ensure Security Groups do not allow unrestricted ingress access to Oracle Ports 1521 or 2483
• Ensure Security Groups do not allow unrestricted ingress access to MySQL port 3306
• Ensure Security Groups do not allow unrestricted ingress access to Postgres port 5432
• Ensure Security Groups do not allow unrestricted ingress access to Redis port 6379

View all 20

Automation Policies 18

• Ensure Lambda Dead Letter Queue(DLQ) is enabled
• Ensure Lambda Concurrency Limit is Configured
• Ensure CloudFormation Stack Drift Detection Check
• Ensure EC2 Instances Managed by Systems Manager (SSM)
• Ensure Elastic Beanstalk Enhanced Health Reporting Enabled

View all 18

Amazon Lightsail 8

• Ensure LightSail Disk have Automatic Backup Enabled
• Ensure Lightsail IPv4 Firewall will not allow traffic from any port
• Ensure Alarm exist for CPU Utilization for Lightsail instances
• Ensure Amazon LightSail Bucket is not publicly accessible
• Ensure alarm exist for Lightsail bucket storage

View all 8