AWS Services

Ensure SQS queues have policy set are not Public
Description: Simple Queue Service - SQS is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed syst...
Sat, 25 Apr, 2020 at 7:21 PM
Ensure to report ACM Certificates are about to expire in 7 days or less
Description:  AWS Certificate Manager (ACM) service. ACM handles the complexity of creating and managing public SSL/TLS certificates for your AWS-based web...
Wed, 16 Mar, 2022 at 5:08 AM
Ensure SNS topics have policy set are not Public
Description: Simple Notification Service - SNS is a web service that enables applications, end-users, and devices to instantly send and receive notificatio...
Mon, 14 Mar, 2022 at 2:25 AM
Ensure there are no KMS keys exposed
Description: AWS Key Management Service (KMS) allows administrators to create, delete and control keys that encrypt data stored in AWS database products. K...
Thu, 6 Apr, 2023 at 7:15 AM
Ensure KMS keys with key rotation is not disabled
Description: AWS Key Management Service (KMS) allows customers to rotate the backing key which is key material stored within the KMS. It is the backing key...
Tue, 22 Mar, 2022 at 2:38 AM
Ensure CloudFront distributions are set to HTTPS
Description:  CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally...
Mon, 21 Mar, 2022 at 6:23 AM
Ensure no secrets are found in EC2 User Data
Description: EC2 User data to the instance that can be used to perform common automated configuration tasks and even run scripts after the instance starts....
Fri, 31 Mar, 2023 at 7:55 AM
Ensure no secrets are found in CloudFormation outputs
Description: CloudFormation outputs contain the results of the template that was created. These outputs may contain secrets, for example, user names, passw...
Thu, 17 Mar, 2022 at 5:57 AM
Ensure API Gateway has client certificate enabled to access your backend endpoint
Description: API(Application Programming Interface) is a software intermediary that allows two applications to talk to each other. AWS API Gateway is a se...
Wed, 29 Mar, 2023 at 8:49 AM
Ensure API Gateway has a WAF ACL attached
Description: A web ACL (Web Access Control List) is the core resource in an AWS WAF deployment. It contains rules that are evaluated for each request that...
Thu, 17 Mar, 2022 at 3:38 AM