Rules Supporting Playbook Remediation
AWS:
- IAM Password Policy - Expiration Period of 90 Days or Less Not Configured
- IAM Password Policy - Prevent Reuse of Last 24 Passwords Not Configured
- IAM Password Policy - Symbols Required Not Configured
- IAM Password Policy - Numbers Required Not Configured
- IAM Password Policy - Uppercase Characters Required Not Configured
- IAM Password Policy - Lowercase Characters Required Not Configured
- IAM Password Policy - Minimum Password Length of at Least 14 Characters Not Configured
- SNS Topic Server-Side Encryption Not Enabled
- Kinesis Server Side Encryption Not Enabled
- AWS S3 Bucket with Public Read Permission
- AWS S3 Bucket with Public Write Permission
- AWS S3 Bucket with Public Read ACP Permission
- AWS S3 Bucket with Public Write ACP Permission
- AWS S3 Bucket with Public Full Control Permission
- AWS S3 Bucket with Authenticated Full Control Permission
- AWS S3 Bucket with Authenticated Read Permission
- AWS S3 Bucket with Authenticated Write Permission
- AWS S3 Bucket with Authenticated Read ACP Permission
- AWS S3 Bucket with Authenticated Write ACP Permission
- AWS RDS Snapshot Not Private
- SQS Server Side Encryption Not Enabled
- AWS S3 Server Access Logging Not Enabled
- AWS EC2 AMI Not Private
- AWS EBS Volume Snapshot Not Private
- Access Keys for IAM Users Created During Initial Setup
- Customer Managed CMKs Automatic Key Rotation Not Enabled
- IAM Users Unused
- IAM Users Inactive
GCP:
- Storage Bucket Uniform Bucket-Level Access Not Enabled
- Cloud SQL Instance Publicly Accessible
- Cloud SQL Instance Automated Backup Not Configured
- Compute Instance Connecting Serial Ports Disabled
- Compute Instance Configured with External IP
- Flow Logs Not Enabled for Every Subnet in a VPC Network
- Cloud SQL Instance with Public IP
- Service Account with Admin Privileges
- Cloud KMS Cryptokeys Anonymously or Publicly Accessible