Cloud Security Rules

Find out if you have vulnerabilities that put you at risk

RULE	SERVICE GROUP
C S3 bucket ACL allows public access to S3 bucket storing CloudTrail log files	S3
H S3 bucket does not have `ignore_public_acls` enabled	S3
H S3 bucket does not have all block public access options enabled	S3
H S3 bucket has `block_public_acls` disabled	S3
H S3 bucket has `block_public_policy` disabled	S3
H S3 bucket has `restrict_public_buckets` disabled	S3
H S3 bucket is publicly readable	S3
H S3 Bucket should not be publicly readable and writable	S3
H S3 policy grants all permissions to any principal	S3
M S3 bucket access logging is not enabled on S3 buckets that store CloudTrail log files	S3
M S3 bucket is not encrypted	S3
M S3 Bucket is publicly readable	S3
M S3 bucket policy allows list actions for all IAM principals and public users	S3
M S3 bucket policy does not deny requests that use HTTP	S3
M S3 object is not encrypted	S3
L S3 bucket MFA delete control is disabled	S3
L S3 bucket object-level logging for read events is disabled	S3
L S3 bucket object-level logging for write events is disabled	S3
L S3 bucket replication (cross-region or same-region) is not enabled	S3
L S3 bucket versioning is disabled	S3
L S3 server access logging is disabled	S3