aws
Insecure encryption algorithm - Default encryption - Aws
Need Implementation of customer-controlled keys for encryption Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_s3_bucket for interacting with Amazon S3 buckets Description Non compliant code resource "aws_s3_bucket" "bucket" ...
Non-encrypted confidential information - S3 Server Side Encryption - Aws
Need Enforcement of Server-Side Encryption for all S3 buckets Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource "aws_s3_bucket" ...
Insecure encryption algorithm - SSL/TLS - Aws
Need Implementation of secure encryption algorithms and disabling insecure TLS protocol versions. Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_lb for managing load balancers in AWS Usage of aws_lb_target_group for managing ...
Weak credential policy - Temporary passwords - Aws
Need Enhancement of credential policy for temporary passwords Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource "aws_iam_user" ...
Lack of protection against deletion - EC2 - Aws
Need Enabling termination/removal protection for EC2 instances Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" ...
Insecure service configuration - DynamoDB - Aws
Need Secure configuration of DynamoDB service Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource "aws_dynamodb_table" ...
Automatic information enumeration - Aws
Need Prevention of automatic information enumeration Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...
Improper authorization control for web services - RDS - Aws
Need Enhancement of authorization controls for web services - RDS Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = ...
Insecure service configuration - EC2 - Aws
Need Secure configuration of EC2 instances Context Usage of Terraform for Infrastructure as Code (IaC) Usage of terraform-provider-aws for managing AWS resources using Terraform Description Non compliant code provider "aws" { region = "us-west-2" } ...
Non-encrypted confidential information - EFS - Aws
Need Secure encryption of confidential information in AWS Elastic File System (EFS) using Customer Managed Keys (CMKs) Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with AWS services and resources ...
Guessed weak credentials - Aws
Need Enhancement of credential security Context Usage of Terraform for Infrastructure as Code (IaC) Usage of terraform-provider-aws for managing AWS resources using Terraform Description Non compliant code provider "aws" { access_key = ...
Business information leak - Credentials - Aws
Need Protection of business credentials to prevent unauthorized access and data breaches Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant ...
Non-encrypted confidential information - EBS Volumes - Aws
Need Secure encryption of confidential information stored in EBS volumes Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource ...
Lack of protection against deletion - ELB - Aws
Need Enable Deletion Protection for Elastic Load Balancing Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_elb for managing and configuring Amazon Web Services Elastic Load Balancer Description Non compliant code resource ...
Weak credential policy - Password Expiration - Aws
Need Enforcement of strong password expiration policy Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } ...
Lack of protection against deletion - DynamoDB - Aws
Need Implementation of data backup and recovery mechanisms for DynamoDB instances Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code ...
Unauthorized access to files - S3 Bucket - Aws
Need Secure access control for S3 buckets Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_s3_bucket for interacting with Amazon S3 buckets Description Non compliant code resource "aws_s3_bucket" "bucket" { bucket = "mybucket" ...
Insufficient data authenticity validation - Cloudtrail Logs - Aws
Need Improved data authenticity validation for Cloudtrail Logs Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS CloudTrail for logging and monitoring AWS API activity Usage of AWS S3 Bucket for storing and retrieving files ...
Non-encrypted hard drives - Aws
Need Implementation of full disk encryption Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...
Insecure service configuration - KMS - Aws
Need Enforce automatic key rotation for KMS service Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS KMS Key for encryption and decryption of data Description Non compliant code resource "aws_kms_key" "mykey" { description = ...
Insecure service configuration - Security Groups - Aws
Need Secure configuration of EC2 Security Groups Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) Description Non compliant code resource "aws_instance" "example" { ami = ...
Security controls absence - Monitoring - Aws
Need Implementation of robust monitoring and alerting mechanisms Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = ...
Serverless - one dedicated IAM role per function - Aws
Need Enforce separate IAM roles for each Lambda function Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Usage of AWS IAM Roles for managing access and permissions in AWS services ...
Privilege escalation - Aws
Need Enhancement of role-based access control to prevent unauthorized privilege escalation Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider ...
Insecure service configuration - ELB - Aws
Need Secure configuration of Elastic Load Balancers Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_elb for managing and configuring Amazon Web Services Elastic Load Balancer Description Non compliant code resource "aws_elb" ...
Use of an insecure channel - HTTP - Aws
Need Secure transmission of client information Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...
Unauthorized access to files - Debug APK - Aws
Need Secure access to debug APK files Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...
Excessive privileges - Wildcards - Aws
Need Restriction of privileges and removal of wildcard usage Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS IAM Roles for managing access and permissions in AWS services Usage of AWS IAM Role Policy for defining permissions ...
Non-encrypted confidential information - DB - Aws
Need Secure storage of confidential information in the database Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" ...
Traceability Loss - API Gateway - Aws
Need Enhancement of traceability and logging capabilities in API Gateway Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = ...
Non-encrypted confidential information - DynamoDB - Aws
Need Secure encryption of confidential information in DynamoDB Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource ...
Non-encrypted confidential information - Redshift Cluster - Aws
Need Encryption of confidential information in AWS Redshift Cluster Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_redshift_cluster for managing and interacting with Amazon Redshift clusters Description Non compliant code ...
Automatic information enumeration - Open ports - Aws
Need Restrict open ports to only necessary and authorized services Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_security_group for managing security groups in AWS Description Non compliant code resource ...
Insecure service configuration - IAM - Aws
Need Secure configuration of IAM services Context Usage of Terraform for Infrastructure as Code (IaC) Usage of terraform-provider-aws for managing AWS resources with Terraform Description Non compliant code provider "aws" { region = "us-west-2" ...
Lack of protection against deletion - RDS - Aws
Need Implementation of safeguards to prevent accidental or unauthorized deletion of databases in Amazon Web Services RDS. Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services ...
Unrestricted access between network segments - RDS - Aws
Need Restrict access between network segments for RDS instances Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws_db_instance for managing and interacting with AWS RDS database instances Description Non compliant code resource ...
Weak credential policy - Password strength - Aws
Need Implementation of a strong password policy Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS IAM User for managing user access and permissions in AWS Usage of aws_iam_user_login_profile for managing login profiles for AWS ...
Non-encrypted confidential information - Hexadecimal - Aws
Need Protection of confidential information through encryption Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services (AWS) services Description Non compliant code provider "aws" { ...
Insecure service configuration - Bucket - Aws
Need Enabling secure service configuration for S3 buckets Context Usage of Terraform for Infrastructure as Code (IaC) Usage of aws-sdk for interacting with Amazon Web Services (AWS) services Description Non compliant code resource "aws_s3_bucket" ...
Insecure service configuration - AWS - Aws
Need Secure configuration of AWS services Context Usage of Terraform for Infrastructure as Code (IaC) Usage of AWS SDK for interacting with Amazon Web Services Description Non compliant code provider "aws" { region = "us-west-2" } resource ...