Cloud Security Rules

RULE	SERVICE GROUP
M EFS system file is not encrypted	EFS
M Egress Rule Not Configured to Restrict Outbound Traffic	VPC
M EKS cluster secrets are not encrypted	EKS
M EKS control plane logging insufficient.	Kubernetes (Container) Engine
M ElastiCache cluster automatic backup is disabled	ElastiCache
M Elasticache cluster can be accessed without authentication token	ElastiCache
M ELB does not enforce latest TLS/SSL policy	ELB
M ELB does not enforce latest TLS/SSL policy	ELB
M ELB listener security group is set to TCP all	ELB
M ELBv1 load balancer cross zone load balancing is not enabled	ELB
M Enable Auto Minor Version Upgrade for RDS Instances	RDS
M Encryption at rest disabled in EMR security configuration	EMR
M Encryption is not enforced at the region level	EBS
M Ensure Amazon FSx Lustre retention backup period is set to 15 days	FSx
M Events performed within your DocumentDB Cluster will not be logged using Amazon CloudWatch Logs	DocumentDB
M Global Accelerator flow logs are disabled.	Global Accelerator
M Global services are not monitored by exactly one CloudTrail trail	CloudTrail
M Glue CloudWatch log encryption is disabled	Glue
M Glue does not encrypt data stored in the S3 bucket	Glue
M Glue policy has wildcard action	Glue
M Glue policy has wildcard principal	Glue
M IAM authentication for RDS cluster is disabled	RDS
M IAM Delegated admin is misconfigured	IAM
M IAM password policy does not expire passwords within 90 days	IAM
M IAM password policy does not prevent reuse of previously used passwords	IAM
M IAM password policy does not prevent reuse of the four previously used passwords	IAM
M IAM password policy does not require at least one lowercase letter	IAM
M IAM password policy does not require at least one number	IAM
M IAM password policy does not require at least one symbol	IAM
M IAM password policy does not require at least one uppercase letter	IAM

Previous Next

AWS

Azure

Google

Kubernetes