IAM Policies

Ensure there are no EC2 AMIs set as Public
Description:  Amazon EC2 enables you to share your AMIs with other AWS accounts. You can allow all AWS accounts to launch the AMI (make the AMI public), or...
Mon, 13 Apr, 2020 at 2:32 AM
Ensure users of groups with AdministratorAccess policy have MFA tokens enabled
Description:  The users of groups with"AdministratorAccess"policy have most privileged user in an AWS account. MFA adds an extra layer of protect...
Fri, 24 Apr, 2020 at 4:29 AM
Ensure there are no EBS Snapshots set as Public
Description:  Elastic Block Store is a web service that provides block level storage volumes for use with EC2 instances. EBS volumes are highly available a...
Fri, 24 Apr, 2020 at 2:54 PM
Ensure there are no S3 buckets open to the Everyone or Any AWS user
Description: The Amazon S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon...
Fri, 24 Apr, 2020 at 6:54 PM
Ensure there are no Security Groups without ingress filtering being used
Description:  Ensure there are no Security Groups without ingress filtering being used. Security groups provide stateful filtering of ingress/egress networ...
Fri, 2 Oct, 2020 at 5:15 PM
Ensure every Security Group is being used by at least one resource
Description:  Ensure every Security Group is being used by at least one resource. Security groups provide stateful filtering of ingress/egress network traf...
Fri, 2 Oct, 2020 at 5:31 PM
Ensure Amazon Macie is enabled
Description:  Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Macie recogniz...
Sun, 26 Apr, 2020 at 3:44 PM
Ensure CloudFront distributions have logging enabled
Description:  CloudFront speeds up distribution of your static and dynamic web content, such as .html, .css, .php, image, and media files. When users reque...
Sun, 26 Apr, 2020 at 5:00 PM
Ensure Amazon Elasticsearch Service (ES) domains have logging enabled
Description:  Elasticsearch Service is a managed service that makes it easy to deploy, operate, and scale Elasticsearch, a popular open-source search and a...
Sun, 26 Apr, 2020 at 6:41 PM
Ensure Elastic Load Balancers have logging enabled
Description:  Contingency Plan — Emergency Mode Operation Plan - Establish (and implement as needed) procedures to enable continuation of critical business...
Sun, 26 Apr, 2020 at 3:27 PM