AC_AWS_0573 | Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removed | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0553 | Ensure a support role has been created to manage incidents with AWS Support | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0559 | Ensure a log metric filter and alarm exist for unauthorized API calls | AWS | Security Best Practices | HIGH |
AC_AWS_0554 | Ensure there is only one active access key available for any single IAM user | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0560 | Ensure a log metric filter and alarm exist for usage of 'root' account | AWS | Security Best Practices | HIGH |
AC_AWS_0434 | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket | AWS | Logging and Monitoring | MEDIUM |
S3_AWS_0005 | Ensure MFA Delete is enabled on S3 buckets - Terraform Version 1.x | AWS | Security Best Practices | HIGH |
AC_AWS_0209 | Ensure MFA Delete is enabled on S3 buckets | AWS | Security Best Practices | HIGH |
AC_AWS_0428 | Ensure that S3 Buckets are configured with 'Block public access (bucket settings)' | AWS | Infrastructure Security | MEDIUM |
S3_AWS_0010 | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket - Terraform Version 1.x | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0132 | Ensure no root user account access key exists | AWS | Identity and Access Management | HIGH |
AC_AWS_0552 | Ensure MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |
AC_AWS_0606 | Ensure MFA Delete is enabled on S3 buckets | AWS | Security Best Practices | HIGH |
AC_AWS_0186 | Ensure that encryption is enabled for Amazon Relational Database Service (Amazon RDS) Instances | AWS | Data Protection | HIGH |
AC_AWS_0571 | Ensure a log metric filter and alarm exist for VPC changes | AWS | Security Best Practices | HIGH |
AC_AWS_0080 | Ensure EBS volume encryption is enabled | AWS | Data Protection | HIGH |
AC_AWS_0557 | Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0558 | Ensure a log metric filter and alarm exist for Management Console sign-in without MFA | AWS | Security Best Practices | HIGH |
S3_AWS_0007 | Ensure the S3 bucket used to store CloudTrail logs is not publicly accessible - Terraform Version 1.x | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0587 | Ensure a log metric filter and alarm exist for usage of 'root' account | AWS | Security Best Practices | HIGH |
AC_AWS_0591 | Ensure EBS Volume Encryption is Enabled in all Regions | AWS | Data Protection | HIGH |
AC_AWS_0042 | Ensure standard password policy must be followed with password at least 14 characters long | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0562 | Ensure a log metric filter and alarm exist for CloudTrail configuration changes | AWS | Security Best Practices | HIGH |
AC_AWS_0598 | Ensure a support role has been created to manage incidents with AWS Support | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0586 | Ensure a log metric filter and alarm exist for unauthorized API calls | AWS | Security Best Practices | HIGH |
AC_AWS_0138 | Ensure credentials unused for 45 days or greater are disabled | AWS | Compliance Validation | LOW |
AC_AWS_0605 | Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0556 | Ensure no Network ACLs allow ingress from 0.0.0.0/0 to remote server administration ports | AWS | Infrastructure Security | HIGH |
AC_AWS_0561 | Ensure a log metric filter and alarm exist for IAM policy changes | AWS | Security Best Practices | HIGH |
AC_AWS_0569 | Ensure a log metric filter and alarm exist for changes to network gateways | AWS | Security Best Practices | HIGH |
AC_AWS_0572 | Ensure a log metric filter and alarm exist for AWS Organizations changes | AWS | Security Best Practices | HIGH |
AC_AWS_0599 | Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removed | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0600 | Ensure there is only one active access key available for any single IAM user | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0565 | Ensure a log metric filter and alarm exist for S3 bucket policy changes | AWS | Security Best Practices | HIGH |
AC_AWS_0038 | Ensure CloudTrail trails are integrated with CloudWatch Logs | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0608 | Ensure that S3 Buckets are configured with 'Block public access (bucket settings)' | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0034 | Ensure CloudTrail is enabled in all regions | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0570 | Ensure a log metric filter and alarm exist for route table changes | AWS | Security Best Practices | HIGH |
AC_AWS_0230 | Ensure no security groups allow ingress from 0.0.0.0/0 to remote server administration ports | AWS | Infrastructure Security | HIGH |
AC_AWS_0626 | Ensure CloudTrail is enabled in all regions | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0597 | Ensure MFA is enabled for the 'root' user account | AWS | Compliance Validation | HIGH |
AC_AWS_0432 | Ensure IAM Users Receive Permissions Only Through Groups | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0140 | Ensure IAM password policy prevents password reuse | AWS | Compliance Validation | LOW |
AC_AWS_0144 | Ensure IAM policies that allow full "*:*" administrative privileges are not attached | AWS | Identity and Access Management | HIGH |
AC_AWS_0594 | Ensure no 'root' user account access key exists | AWS | Identity and Access Management | HIGH |
AC_AWS_0583 | Ensure CloudTrail is enabled in all regions | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0627 | Ensure IAM Users Receive Permissions Only Through Groups | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0634 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | AWS | Compliance Validation | HIGH |
AC_AWS_0142 | Ensure IAM password policy requires minimum length of 14 or greater | AWS | Compliance Validation | MEDIUM |
AC_AWS_0151 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | AWS | Compliance Validation | HIGH |