AWS New Checks

Ensure No IAM Groups Have Administrator Access Policy
Profile Applicability: Level 2 Description: In AWS IAM, an Administrator Access Policy grants full access to all resources in an AWS account. This lev...
Wed, 2 Apr, 2025 at 2:59 AM
Ensure IAM Inline Policies That Allow Full "*:*" Administrative Privileges Are Not Associated to IAM Identities
Profile Applicability: Level 2 Description: An IAM inline policy is a policy that is embedded directly into an IAM identity (user, group, or role). The...
Wed, 2 Apr, 2025 at 3:08 AM
Check if IAM identities (users, groups, roles) have the AWSCloudShellFullAccess policy attached.
Profile Applicability: Level 1 Description: AWS CloudShell is a browser-based shell for managing AWS resources. It allows users to interact with AWS reso...
Wed, 2 Apr, 2025 at 3:15 AM
Ensure IAM Inline Policies That Allow Full "kms:*" Privileges Are Not Created
Profile Applicability: Level 2 Description: AWS Key Management Service (KMS) enables you to create and control the encryption keys used to encrypt your ...
Wed, 2 Apr, 2025 at 3:23 AM
Ensure IAM Roles Do Not Have ReadOnlyAccess Access for External AWS Accounts
Profile Applicability: Level 2 Description: In AWS, IAM roles allow external entities, including users and AWS services, to assume roles in order to p...
Wed, 2 Apr, 2025 at 3:35 AM
Ensure No Security Groups Allow Ingress from 0.0.0.0/0 or ::/0 to Windows SQL Server Ports 1433 or 1434
Profile Applicability: Level 1 Description: Ensure that no security groups are configured to allow ingress traffic from the internet (0.0.0.0/0 or ::/0) ...
Wed, 2 Apr, 2025 at 3:38 AM
Ensure IAM Policies That Allow Full "kms:*" Privileges Are Not Created
Profile Applicability: Level 2 Description: IAM (Identity and Access Management) is a service in AWS that helps you securely manage access to AWS ser...
Wed, 2 Apr, 2025 at 3:42 AM
Ensure User Access Keys Unused Are Disabled
Profile Applicability: Level 2 Description: IAM (Identity and Access Management) in AWS allows you to manage access to AWS services and resources sec...
Wed, 2 Apr, 2025 at 3:50 AM
Ensure no EC2 instances allow ingress from the internet to TCP port 6379 (Redis).
Profile Applicability: Level 1 Description: This check ensures that no EC2 instances have security group rules that allow inbound traffic from the inter...
Wed, 2 Apr, 2025 at 3:50 AM
Ensure Unused User Console Access Is Disabled
Profile Applicability: Level 2 Description: IAM (Identity and Access Management) is an AWS service that enables you to manage user access to AWS reso...
Wed, 2 Apr, 2025 at 3:58 AM