AWS ACM Certificate Expiration
AWS Access Key Uploaded to GitHub
AWS Access Keys At Account Creation
AWS CloudFormation Stack Drift
AWS CloudFormation Stack IAM Service Role
AWS CloudFormation Stack Termination Protection
AWS CloudTrail CloudWatch Logs
A CloudTrail Was Created or Updated
AWS CloudTrail Least Privilege Access
AWS CloudTrail S3 Bucket Access Logging
AWS CloudTrail S3 Bucket Public
Monitor Unauthorized API Calls
Account Security Configuration Changed
AWS CloudWatch Logs Data Retention
Sensitive AWS CloudWatch Log Encryption
AWS Config Records All Resource Types
AWS DynamoDB Table Autoscaling Configuration
AWS DynamoDB Table Autoscaling
AWS EC2 AMI Approved Instance Type
AWS EC2 Instance Approved Host
AWS EC2 Instance Approved Instance Type
AWS EC2 Instance Approved Tenancy
AWS EC2 Instance Detailed Monitoring
AWS EC2 Instance EBS Optimization
Amazon Machine Image (AMI) Modified to Allow Public Access
AWS EC2 Manual Security Group Change
AWS EC2 Volume Snapshot Encryption
AWS Application Load Balancer Web ACL
AWS GuardDuty High Severity Finding
AWS GuardDuty Low Severity Finding
AWS GuardDuty Medium Severity Finding
Detect Reconnaissance from IAM Users
AWS IAM Policy Administrative Privileges
AWS IAM Policy Assigned to User
AWS IAM Policy Does Not Grant Any Administrative Access
AWS IAM Policy Does Not Grant Network Admin Access
AWS IAM Resource Does Not Have Inline Policy
AWS IAM User Not In Conflicting Groups
IAM Assume Role Blocklist Ignored
IAM Entity Created Without CloudFormation
IAM Inline Policy Network Admin
Monitor Unauthorized API Calls
Root Account Access Key Created
Detect Reconnaissance from IAM Users
AWS Network ACL Overly Permissive Entry Created
AWS Network ACL Restricts Inbound Traffic
AWS Network ACL Restricts Insecure Protocols
AWS Network ACL Restricts Outbound Traffic
AWS Password Policy Complexity Guidelines
AWS Password Policy Password Age Limit
AWS Password Policy Password Reuse
AWS RDS Instance Has Acceptable Backup Retention Period
AWS RDS Instance High Availability
AWS RDS Instance Minor Version Upgrades
AWS RDS Instance Public Access
AWS RDS Instance Snapshot Public Access
AWS Redshift Cluster Encryption
AWS Redshift Cluster Has Acceptable Snapshot Retention Period
AWS Redshift Cluster Maintenance Window
AWS Redshift Cluster Snapshot Retention
AWS Redshift Cluster Version Upgrade
AWS S3 Bucket Action Restrictions
AWS S3 Bucket Lifecycle Configuration
AWS S3 Bucket Name DNS Compliance
AWS S3 Bucket Object Lock Configured
AWS S3 Bucket Policy Allow With Not Principal
AWS S3 Bucket Principal Restrictions
AWS S3 Bucket Public Access Block
AWS Security Group - Only DMZ Publicly Accessible
AWS Security Group Administrative Ingress
AWS Security Group Restricts Access To CDE
AWS Security Group Restricts Inbound Traffic
AWS Security Group Restricts Inter-SG Traffic
AWS Security Group Restricts Outbound Traffic
AWS Security Group Restricts Traffic Leaving CDE
AWS Security Group Tightly Restricts Inbound Traffic
AWS Security Group Tightly Restricts Outbound Traffic
AWS VPC Default Network ACL Restricts All Traffic
AWS VPC Default Security Group Restrictions
VPC Flow Logs Inbound Port Allowlist
VPC Flow Logs Inbound Port Blocklist