AWS New Checks

Check if RDS cluster is integrated with CloudWatch Logs
Profile Applicability: Level 2 Description: Amazon RDS (Relational Database Service) supports integration with Amazon CloudWatch Logs to capture data...
Tue, 1 Apr, 2025 at 6:16 AM
Check if AWS Lambda Function VPC is deployed Across Multiple Availability Zones
Profile Applicability: Level 1 Description: AWS Lambda functions can be deployed inside a VPC (Virtual Private Cloud) to enable them to access privat...
Tue, 1 Apr, 2025 at 6:25 AM
Check if RDS DB clusters have copy tags to snapshots enabled
Profile Applicability: Level 1 Description: In Amazon RDS, when you create snapshots of DB clusters, it is essential to copy the tags associated with t...
Tue, 1 Apr, 2025 at 6:31 AM
Check if RDS Instances events are subscribed
Profile Applicability: Level 1 Description: Amazon RDS (Relational Database Service) provides a mechanism to monitor the status and lifecycle of databa...
Tue, 1 Apr, 2025 at 6:44 AM
Check if RDS instances have IAM authentication enabled
Profile Applicability: Level 2 Description: Amazon RDS provides the option to authenticate database connections using AWS Identity and Access Managemen...
Tue, 1 Apr, 2025 at 6:51 AM
Ensure no EC2 instances allow ingress from the internet to TCP port 27017 or 27018 (MongoDB).
Profile Applicability: Level 1 Description: Oracle database services typically use TCP ports 1521, 2483, and 2484 for communication. These ports are us...
Tue, 1 Apr, 2025 at 6:54 AM
Check if RDS Cluster critical events are subscribed
Profile Applicability: Level 1 Description: Amazon RDS (Relational Database Service) provides various event notifications for RDS clusters, including c...
Tue, 1 Apr, 2025 at 7:00 AM
Check if any of the Elastic or Public IP are in Shodan (requires Shodan API KEY).
Profile Applicability: Level 1 Description: Shodan is a search engine that allows users to search for devices and systems exposed to the internet, incl...
Tue, 1 Apr, 2025 at 7:09 AM
Ensure that the SSL/TLS certificates configured for your Amazon RDS are not expired
Profile Applicability: Level 2 Description: Amazon RDS (Relational Database Service) supports SSL/TLS encryption to secure data in transit between RDS ...
Tue, 1 Apr, 2025 at 7:07 AM
Ensure that SES identities are not publicly accessible
Profile Applicability: Level 1 Description: Amazon Simple Email Service (SES) is a fully managed email sending service that allows you to send and rece...
Tue, 1 Apr, 2025 at 7:13 AM