IAM Policies

Ensure S3 buckets have server access logging enabled
Description:  S3 Bucket Access Logging generates a log that contains access records for each request made to your S3 bucket. An access log record contains ...
Fri, 24 Apr, 2020 at 6:33 PM
Ensure Route53 public hosted zones are logging queries to CloudWatch Logs
Description:  Route 53 is a highly available and scalable Domain Name System (DNS) web service. You can use Route 53 to perform three main functions in any...
Tue, 28 Apr, 2020 at 3:53 AM
Ensure Lambda functions invoke API operations are being recorded by CloudTrail
Description:  AWS Lambda is a compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when need...
Tue, 28 Apr, 2020 at 4:58 AM
Ensure Redshift cluster has audit logging enabled
Description:  Redshift is a fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyze all y...
Sun, 26 Apr, 2020 at 6:44 PM
Ensure ACM certificates have Certificate Transparency logging enabled
Description:  AWS Certificate Manager (ACM) service. ACM handles the complexity of creating and managing public SSL/TLS certificates for your AWS based web...
Tue, 28 Apr, 2020 at 2:26 PM
Ensure Trusted Advisor is enabled for errors and warnings
Description:  AWS Trusted Advisor is an online tool that provides you real time guidance to help you provision your resources following AWS best practices....
Tue, 28 Apr, 2020 at 2:33 PM
Ensure SQS queues have Server Side Encryption enabled
Description: Simple Queue Service - SQS is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed syst...
Tue, 28 Apr, 2020 at 2:44 PM
Ensure there are no EBS Volumes unencrypted
Description:  Elastic Block Store is a web service that provides block level storage volumes for use with EC2 instances. EBS volumes are highly available a...
Fri, 24 Apr, 2020 at 6:08 PM
Ensure Geo restrictions are enabled in CloudFront distributions
Description:  CloudFront speeds up distribution of your static and dynamic web content, such as .html, .css, .php, image, and media files. When users reque...
Sun, 26 Apr, 2020 at 5:39 PM
Ensure the providers SAML-Based Federation for API Access to AWS:
Description:  AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who...
Tue, 28 Apr, 2020 at 3:19 PM