IAM Policies

Ensure there are no EC2 AMIs set as Public
Description:  An Amazon Machine Image (AMI) is a template that contains the software configuration ( operating system, application server, and app...
Tue, 27 Jul, 2021 at 7:57 AM
Ensure users of groups with AdministratorAccess policy have MFA tokens enabled
Description:  The users of groups with the "AdministratorAccess" policy have the most privileged users in an AWS account. MFA adds an extra layer...
Wed, 14 Jul, 2021 at 10:45 AM
Ensure there are no EBS Snapshots set as Public
Description: Elastic Block Store is a web service that provides block-level storage volumes for use with EC2 instances. EBS volumes are highly available an...
Mon, 19 Jul, 2021 at 8:15 AM
Ensure there are no S3 buckets open to the Everyone or Any AWS user
Description: The Amazon S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon...
Fri, 24 Apr, 2020 at 6:54 PM
Ensure there are no Security Groups without ingress filtering being used
Description:  Ensure there are no Security Groups without ingress filtering being used. Security groups provide stateful filtering of ingress/egre...
Tue, 27 Jul, 2021 at 8:44 AM
Ensure every Security Group is being used by at least one resource
Description: A security group acts as a virtual firewall for the virtual machines and other resources running on cloud. They are created based on ports and...
Fri, 27 Aug, 2021 at 9:25 AM
Ensure Amazon Macie is enabled
Description: Macie is a security service that uses machine learning to automatically discover, classify, and protect sensitive data in AWS. Macie recognize...
Tue, 20 Jul, 2021 at 11:30 PM
Ensure CloudFront distributions have logging enabled
Description:  Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to cu...
Wed, 21 Jul, 2021 at 1:15 AM
Ensure Amazon Elasticsearch Service (ES) domains have logging enabled
Description:  Elasticsearch Service(ES) is a managed service that makes it easy to deploy, operate, and scale Elasticsearch, a popular open-source...
Wed, 21 Jul, 2021 at 10:56 PM
Ensure Elastic Load Balancers have logging enabled
Description:   Elastic Load Balancer(ELB) automatically distributes your incoming traffic across multiple targets, such as EC2 instances, containe...
Wed, 11 Aug, 2021 at 10:49 PM