IAM Policies

Ensure S3 buckets have server access logging enabled
Description:  S3 Bucket Access Logging generates a log that contains access records for each request made to your S3 bucket. An access log record ...
Wed, 21 Jul, 2021 at 9:26 AM
Ensure Route53 public hosted zones are logging queries to CloudWatch Logs
Description: Amazon Route 53 is a highly available and scalable cloud Domain Name Service(DNS) web service. It is a cost-effective and reliable way to rout...
Wed, 13 Oct, 2021 at 12:12 AM
Ensure Lambda functions invoke API operations are being recorded by CloudTrail
Description:  AWS Lambda is a compute service that lets you run code without provisioning or managing servers. AWS Lambda executes your code only when need...
Tue, 28 Apr, 2020 at 4:58 AM
Ensure Redshift cluster has audit logging enabled
Description:  Amazon Redshift is a data warehouse service. It is a collection of computing resources called nodes, organized into a cluster called a cluste...
Tue, 24 Aug, 2021 at 12:50 AM
Ensure ACM certificates have Certificate Transparency logging enabled
Description: AWS Certificate Manager is a service that lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport L...
Tue, 12 Oct, 2021 at 11:49 PM
Ensure Trusted Advisor is enabled for errors and warnings
Description: AWS Trusted Advisor is a fully managed service that provides you guidance to follow AWS best practices.  During establishing a new wo...
Fri, 23 Jul, 2021 at 3:32 AM
Ensure SQS queues have Server Side Encryption enabled
Description: Simple Queue Service - SQS is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed syst...
Wed, 8 Sep, 2021 at 4:32 AM
Ensure there are no EBS Volumes unencrypted
Description:  Elastic Block Store is a web service that provides block-level storage volumes for use with EC2 instances. EBS volumes are highly av...
Tue, 27 Jul, 2021 at 12:44 AM
Ensure Geo restrictions are enabled in CloudFront distributions
Description:  CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers...
Thu, 15 Jul, 2021 at 1:49 AM
Ensure the providers SAML-Based Federation for API Access to AWS:
Description:  AWS Identity and Access Management (IAM) is a web service that helps you securely control access to AWS resources. You use IAM to control who...
Tue, 28 Apr, 2020 at 3:19 PM