chore: update Config Managed Rules (#7290)
parent
230cb0bbdc
commit
a0db26b123
@ -76,6 +76,7 @@
|
|||||||
"ALB_HTTP_TO_HTTPS_REDIRECTION_CHECK": {
|
"ALB_HTTP_TO_HTTPS_REDIRECTION_CHECK": {
|
||||||
"AWS Region": "All supported AWS regions except Africa (Cape Town), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv) Region",
|
"AWS Region": "All supported AWS regions except Africa (Cape Town), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::ElasticLoadBalancingV2::LoadBalancer",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ALB_WAF_ENABLED": {
|
"ALB_WAF_ENABLED": {
|
||||||
@ -622,7 +623,7 @@
|
|||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"CLOUDTRAIL_S3_DATAEVENTS_ENABLED": {
|
"CLOUDTRAIL_S3_DATAEVENTS_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Canada West (Calgary), Europe (Spain) Region",
|
"AWS Region": "All supported AWS regions except Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Name": "S3BucketNames",
|
"Name": "S3BucketNames",
|
||||||
@ -633,7 +634,7 @@
|
|||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CLOUDTRAIL_SECURITY_TRAIL_ENABLED": {
|
"CLOUDTRAIL_SECURITY_TRAIL_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Spain) Region",
|
"AWS Region": "All supported AWS regions",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
@ -707,6 +708,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EC2::Instance, AWS::RDS::DBCluster, AWS::S3::Bucket, AWS::EC2::Volume",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CLOUDWATCH_ALARM_SETTINGS_CHECK": {
|
"CLOUDWATCH_ALARM_SETTINGS_CHECK": {
|
||||||
@ -748,7 +750,7 @@
|
|||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"CLOUDWATCH_LOG_GROUP_ENCRYPTED": {
|
"CLOUDWATCH_LOG_GROUP_ENCRYPTED": {
|
||||||
"AWS Region": "All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia) Region",
|
"AWS Region": "All supported AWS regions except Middle East (UAE), Israel (Tel Aviv), Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Name": "KmsKeyId",
|
"Name": "KmsKeyId",
|
||||||
@ -756,6 +758,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::Logs::LogGroup",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CLOUD_TRAIL_CLOUD_WATCH_LOGS_ENABLED": {
|
"CLOUD_TRAIL_CLOUD_WATCH_LOGS_ENABLED": {
|
||||||
@ -767,6 +770,7 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::CloudTrail::Trail",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CLOUD_TRAIL_ENABLED": {
|
"CLOUD_TRAIL_ENABLED": {
|
||||||
@ -793,16 +797,19 @@
|
|||||||
"CLOUD_TRAIL_ENCRYPTION_ENABLED": {
|
"CLOUD_TRAIL_ENCRYPTION_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions",
|
"AWS Region": "All supported AWS regions",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::CloudTrail::Trail",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CLOUD_TRAIL_LOG_FILE_VALIDATION_ENABLED": {
|
"CLOUD_TRAIL_LOG_FILE_VALIDATION_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions",
|
"AWS Region": "All supported AWS regions",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::CloudTrail::Trail",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CMK_BACKING_KEY_ROTATION_ENABLED": {
|
"CMK_BACKING_KEY_ROTATION_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Middle East (UAE), Europe (Spain) Region",
|
"AWS Region": "All supported AWS regions except Middle East (UAE), Europe (Spain) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::KMS::Key",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"CODEBUILD_PROJECT_ARTIFACT_ENCRYPTION": {
|
"CODEBUILD_PROJECT_ARTIFACT_ENCRYPTION": {
|
||||||
@ -824,7 +831,7 @@
|
|||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK": {
|
"CODEBUILD_PROJECT_ENVVAR_AWSCRED_CHECK": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
"Resource Types": "AWS::CodeBuild::Project",
|
"Resource Types": "AWS::CodeBuild::Project",
|
||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
@ -946,11 +953,13 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::Logs::LogGroup",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"DAX_ENCRYPTION_ENABLED": {
|
"DAX_ENCRYPTION_ENABLED": {
|
||||||
"AWS Region": "Only available in Asia Pacific (Mumbai), Europe (Paris), US East (Ohio), Europe (Ireland), Europe (Frankfurt), South America (Sao Paulo), US East (N. Virginia), Europe (London), Asia Pacific (Tokyo), US West (Oregon), US West (N. California), Asia Pacific (Singapore), Asia Pacific (Sydney) Region",
|
"AWS Region": "Only available in Asia Pacific (Mumbai), Europe (Paris), US East (Ohio), Europe (Ireland), Europe (Frankfurt), South America (Sao Paulo), US East (N. Virginia), Europe (London), Asia Pacific (Tokyo), US West (Oregon), US West (N. California), Asia Pacific (Singapore), Asia Pacific (Sydney) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::DAX::Cluster",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"DB_INSTANCE_BACKUP_ENABLED": {
|
"DB_INSTANCE_BACKUP_ENABLED": {
|
||||||
@ -1029,6 +1038,7 @@
|
|||||||
"DMS_REPLICATION_NOT_PUBLIC": {
|
"DMS_REPLICATION_NOT_PUBLIC": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::DMS::ReplicationInstance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"DMS_REPLICATION_TASK_SOURCEDB_LOGGING": {
|
"DMS_REPLICATION_TASK_SOURCEDB_LOGGING": {
|
||||||
@ -1272,6 +1282,7 @@
|
|||||||
"EBS_IN_BACKUP_PLAN": {
|
"EBS_IN_BACKUP_PLAN": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::EC2::Volume",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EBS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
"EBS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
||||||
@ -1672,6 +1683,7 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EC2::Instance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EC2_TOKEN_HOP_LIMIT_CHECK": {
|
"EC2_TOKEN_HOP_LIMIT_CHECK": {
|
||||||
@ -1849,11 +1861,13 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EFS::FileSystem",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EFS_IN_BACKUP_PLAN": {
|
"EFS_IN_BACKUP_PLAN": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::EFS::FileSystem",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EFS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
"EFS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
||||||
@ -2000,6 +2014,7 @@
|
|||||||
"EKS_ENDPOINT_NO_PUBLIC_ACCESS": {
|
"EKS_ENDPOINT_NO_PUBLIC_ACCESS": {
|
||||||
"AWS Region": "All supported AWS regions except Canada West (Calgary) Region",
|
"AWS Region": "All supported AWS regions except Canada West (Calgary) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::EKS::Cluster",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EKS_SECRETS_ENCRYPTED": {
|
"EKS_SECRETS_ENCRYPTED": {
|
||||||
@ -2011,6 +2026,7 @@
|
|||||||
"Type": "CSV"
|
"Type": "CSV"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EKS::Cluster",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ELASTICACHE_AUTO_MINOR_VERSION_UPGRADE_CHECK": {
|
"ELASTICACHE_AUTO_MINOR_VERSION_UPGRADE_CHECK": {
|
||||||
@ -2032,7 +2048,7 @@
|
|||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ELASTICACHE_REDIS_CLUSTER_AUTOMATIC_BACKUP_CHECK": {
|
"ELASTICACHE_REDIS_CLUSTER_AUTOMATIC_BACKUP_CHECK": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Default": "15",
|
"Default": "15",
|
||||||
@ -2100,11 +2116,13 @@
|
|||||||
"ELASTICSEARCH_ENCRYPTED_AT_REST": {
|
"ELASTICSEARCH_ENCRYPTED_AT_REST": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::Elasticsearch::Domain",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ELASTICSEARCH_IN_VPC_ONLY": {
|
"ELASTICSEARCH_IN_VPC_ONLY": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::Elasticsearch::Domain",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ELASTICSEARCH_LOGS_TO_CLOUDWATCH": {
|
"ELASTICSEARCH_LOGS_TO_CLOUDWATCH": {
|
||||||
@ -2163,6 +2181,7 @@
|
|||||||
"Type": "CSV"
|
"Type": "CSV"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::ElasticLoadBalancingV2::LoadBalancer",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ELBV2_MULTIPLE_AZ": {
|
"ELBV2_MULTIPLE_AZ": {
|
||||||
@ -2244,7 +2263,7 @@
|
|||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EMR_KERBEROS_ENABLED": {
|
"EMR_KERBEROS_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Name": "TicketLifetimeInHours",
|
"Name": "TicketLifetimeInHours",
|
||||||
@ -2272,12 +2291,13 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EMR::Cluster",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"EMR_MASTER_NO_PUBLIC_IP": {
|
"EMR_MASTER_NO_PUBLIC_IP": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
"Resource Types": "AWS::EMR::Cluster",
|
"Resource Types": "AWS::EMR::Cluster, AWS::EC2::Instance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"ENCRYPTED_VOLUMES": {
|
"ENCRYPTED_VOLUMES": {
|
||||||
@ -2501,7 +2521,7 @@
|
|||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"GUARDDUTY_ENABLED_CENTRALIZED": {
|
"GUARDDUTY_ENABLED_CENTRALIZED": {
|
||||||
"AWS Region": "All supported AWS regions except Middle East (Bahrain), China (Beijing), Africa (Cape Town), Middle East (UAE), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Middle East (Bahrain), Israel (Tel Aviv), Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Name": "CentralMonitoringAccount",
|
"Name": "CentralMonitoringAccount",
|
||||||
@ -2512,7 +2532,7 @@
|
|||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"GUARDDUTY_NON_ARCHIVED_FINDINGS": {
|
"GUARDDUTY_NON_ARCHIVED_FINDINGS": {
|
||||||
"AWS Region": "All supported AWS regions except Middle East (Bahrain), China (Beijing), Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), China (Ningxia), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Israel (Tel Aviv), Canada West (Calgary) Region",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Default": "30",
|
"Default": "30",
|
||||||
@ -2661,6 +2681,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::IAM::Policy",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"IAM_POLICY_NO_STATEMENTS_WITH_ADMIN_ACCESS": {
|
"IAM_POLICY_NO_STATEMENTS_WITH_ADMIN_ACCESS": {
|
||||||
@ -2719,6 +2740,7 @@
|
|||||||
"IAM_USER_MFA_ENABLED": {
|
"IAM_USER_MFA_ENABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::IAM::User",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"IAM_USER_NO_POLICIES_CHECK": {
|
"IAM_USER_NO_POLICIES_CHECK": {
|
||||||
@ -2737,16 +2759,17 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::IAM::User",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"INCOMING_SSH_DISABLED": {
|
"INCOMING_SSH_DISABLED": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Africa (Cape Town), Europe (Milan) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
"Resource Types": "AWS::EC2::SecurityGroup",
|
"Resource Types": "AWS::EC2::SecurityGroup",
|
||||||
"Trigger type": "Configuration changes and Periodic"
|
"Trigger type": "Configuration changes and Periodic"
|
||||||
},
|
},
|
||||||
"INSTANCES_IN_VPC": {
|
"INSTANCES_IN_VPC": {
|
||||||
"AWS Region": "All supported AWS regions except Africa (Cape Town), Middle East (UAE), Asia Pacific (Osaka), Europe (Milan), Israel (Tel Aviv), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions",
|
||||||
"Parameters": [
|
"Parameters": [
|
||||||
{
|
{
|
||||||
"Name": "vpcId",
|
"Name": "vpcId",
|
||||||
@ -2875,6 +2898,12 @@
|
|||||||
"Resource Types": "AWS::Lambda::Function",
|
"Resource Types": "AWS::Lambda::Function",
|
||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
|
"MACIE_AUTO_SENSITIVE_DATA_DISCOVERY_CHECK": {
|
||||||
|
"AWS Region": "All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Europe (Spain), China (Ningxia), Europe (Zurich) Region",
|
||||||
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::::Account",
|
||||||
|
"Trigger type": "Periodic"
|
||||||
|
},
|
||||||
"MACIE_STATUS_CHECK": {
|
"MACIE_STATUS_CHECK": {
|
||||||
"AWS Region": "All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except China (Beijing), Asia Pacific (Jakarta), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), AWS GovCloud (US-East), AWS GovCloud (US-West), Israel (Tel Aviv), Europe (Spain), China (Ningxia), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
@ -2884,6 +2913,7 @@
|
|||||||
"MFA_ENABLED_FOR_IAM_CONSOLE_ACCESS": {
|
"MFA_ENABLED_FOR_IAM_CONSOLE_ACCESS": {
|
||||||
"AWS Region": "All supported AWS regions except Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Melbourne), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::IAM::User",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"MQ_ACTIVE_DEPLOYMENT_MODE": {
|
"MQ_ACTIVE_DEPLOYMENT_MODE": {
|
||||||
@ -3304,6 +3334,7 @@
|
|||||||
"RDS_IN_BACKUP_PLAN": {
|
"RDS_IN_BACKUP_PLAN": {
|
||||||
"AWS Region": "All supported AWS regions except Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::RDS::DBInstance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"RDS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
"RDS_LAST_BACKUP_RECOVERY_POINT_CREATED": {
|
||||||
@ -3570,7 +3601,7 @@
|
|||||||
"REDSHIFT_REQUIRE_TLS_SSL": {
|
"REDSHIFT_REQUIRE_TLS_SSL": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Milan), Canada West (Calgary), Europe (Spain) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Europe (Milan), Canada West (Calgary), Europe (Spain) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
"Resource Types": "AWS::Redshift::Cluster",
|
"Resource Types": "AWS::Redshift::Cluster, AWS::Redshift::ClusterParameterGroup",
|
||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"REQUIRED_TAGS": {
|
"REQUIRED_TAGS": {
|
||||||
@ -3941,7 +3972,7 @@
|
|||||||
"Type": "CSV"
|
"Type": "CSV"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"Resource Types": "AWS::S3::Bucket",
|
"Resource Types": "AWS::S3::Bucket, AWS::KMS::Key",
|
||||||
"Trigger type": "Configuration changes"
|
"Trigger type": "Configuration changes"
|
||||||
},
|
},
|
||||||
"S3_EVENT_NOTIFICATIONS_ENABLED": {
|
"S3_EVENT_NOTIFICATIONS_ENABLED": {
|
||||||
@ -4107,6 +4138,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::SageMaker::EndpointConfig",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SAGEMAKER_NOTEBOOK_INSTANCE_INSIDE_VPC": {
|
"SAGEMAKER_NOTEBOOK_INSTANCE_INSIDE_VPC": {
|
||||||
@ -4130,6 +4162,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::SageMaker::NotebookInstance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SAGEMAKER_NOTEBOOK_INSTANCE_ROOT_ACCESS_CHECK": {
|
"SAGEMAKER_NOTEBOOK_INSTANCE_ROOT_ACCESS_CHECK": {
|
||||||
@ -4141,6 +4174,7 @@
|
|||||||
"SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS": {
|
"SAGEMAKER_NOTEBOOK_NO_DIRECT_INTERNET_ACCESS": {
|
||||||
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
"AWS Region": "All supported AWS regions except Asia Pacific (Jakarta), Africa (Cape Town), Middle East (UAE), Asia Pacific (Hyderabad), Asia Pacific (Osaka), Asia Pacific (Melbourne), Europe (Milan), Israel (Tel Aviv), Canada West (Calgary), Europe (Spain), Europe (Zurich) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::SageMaker::NotebookInstance",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SECRETSMANAGER_ROTATION_ENABLED_CHECK": {
|
"SECRETSMANAGER_ROTATION_ENABLED_CHECK": {
|
||||||
@ -4175,6 +4209,7 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::SecretsManager::Secret",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SECRETSMANAGER_SECRET_UNUSED": {
|
"SECRETSMANAGER_SECRET_UNUSED": {
|
||||||
@ -4186,6 +4221,7 @@
|
|||||||
"Type": "int"
|
"Type": "int"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::SecretsManager::Secret",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SECRETSMANAGER_USING_CMK": {
|
"SECRETSMANAGER_USING_CMK": {
|
||||||
@ -4220,6 +4256,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EC2::VPC",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"SES_MALWARE_SCANNING_ENABLED": {
|
"SES_MALWARE_SCANNING_ENABLED": {
|
||||||
@ -4259,6 +4296,7 @@
|
|||||||
"SSM_DOCUMENT_NOT_PUBLIC": {
|
"SSM_DOCUMENT_NOT_PUBLIC": {
|
||||||
"AWS Region": "All supported AWS regions except Israel (Tel Aviv), Canada West (Calgary) Region",
|
"AWS Region": "All supported AWS regions except Israel (Tel Aviv), Canada West (Calgary) Region",
|
||||||
"Parameters": [],
|
"Parameters": [],
|
||||||
|
"Resource Types": "AWS::SSM::Document",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"STEP_FUNCTIONS_STATE_MACHINE_LOGGING_ENABLED": {
|
"STEP_FUNCTIONS_STATE_MACHINE_LOGGING_ENABLED": {
|
||||||
@ -4441,6 +4479,7 @@
|
|||||||
"Type": "String"
|
"Type": "String"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::EC2::VPC",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"VPC_NETWORK_ACL_UNUSED_CHECK": {
|
"VPC_NETWORK_ACL_UNUSED_CHECK": {
|
||||||
@ -4493,6 +4532,7 @@
|
|||||||
"Type": "CSV"
|
"Type": "CSV"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::WAFv2::WebACL",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"WAFV2_RULEGROUP_LOGGING_ENABLED": {
|
"WAFV2_RULEGROUP_LOGGING_ENABLED": {
|
||||||
@ -4522,6 +4562,7 @@
|
|||||||
"Type": "CSV"
|
"Type": "CSV"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
|
"Resource Types": "AWS::WAF::WebACL",
|
||||||
"Trigger type": "Periodic"
|
"Trigger type": "Periodic"
|
||||||
},
|
},
|
||||||
"WAF_GLOBAL_RULEGROUP_NOT_EMPTY": {
|
"WAF_GLOBAL_RULEGROUP_NOT_EMPTY": {
|
||||||
|
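Review bot: Several entries now hold more than one resource type in a single comma-joined string, for example `"Resource Types": "AWS::EMR::Cluster, AWS::EC2::Instance"` under EMR_MASTER_NO_PUBLIC_IP and the two-type value under REDSHIFT_REQUIRE_TLS_SSL, where the old side had one type. The code that reads this file is not shown here, but if it compares the string to a single type name, these rules would silently stop matching their resources, which in a compliance catalogue means a check that never evaluates. Either store the value as an array, `"Resource Types": ["AWS::EMR::Cluster", "AWS::EC2::Instance"]`, or confirm the reader splits on `,` and trims each item. The new MACIE_AUTO_SENSITIVE_DATA_DISCOVERY_CHECK entry also uses `AWS::::Account`, whose middle segment is empty, so any pattern expecting three non-empty segments should be checked against it.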