AC_AWS_0503 | Ensure valid account number format is used in Amazon Simple Queue Service (SQS) Queue | AWS | Security Best Practices | LOW |
AC_AWS_0504 | Ensure valid account number format is used in AWS API Gateway Rest API Policy | AWS | Security Best Practices | LOW |
AC_AWS_0505 | Ensure valid account number format is used in Amazon Elastic Container Registry (Amazon ECR) | AWS | Security Best Practices | LOW |
AC_AWS_0506 | Ensure valid account number format is used in AWS EFS File System Policy | AWS | Security Best Practices | LOW |
AC_AWS_0507 | Ensure Adding Add a valid numeric value for the condition operator | AWS | Identity and Access Management | LOW |
AC_AWS_0508 | Ensure Cassandra Client (TCP:9042) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0509 | Ensure Cassandra Internode Communication (TCP:7000) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0510 | Ensure Cassandra Internode Communication (TCP:7000) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0511 | Ensure Cassandra Internode Communication (TCP:7000) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0512 | Ensure Cassandra Monitoring (TCP:7199) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0513 | Ensure Cassandra Monitoring (TCP:7199) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0514 | Ensure Cassandra Monitoring (TCP:7199) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0515 | Ensure Cassandra OpsCenter Monitoring (TCP:61620) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0516 | Ensure Cassandra OpsCenter Monitoring (TCP:61620) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0517 | Ensure Cassandra OpsCenter Monitoring (TCP:61620) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0518 | Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0519 | Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0520 | Ensure Cassandra OpsCenter Website (TCP:8888) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0521 | Ensure Cassandra Thrift (TCP:9160) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0522 | Ensure Cassandra Thrift (TCP:9160) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0523 | Ensure Cassandra Thrift (TCP:9160) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0524 | Ensure LDAP (TCP:389) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0525 | Ensure LDAP (TCP:389) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0526 | Ensure LDAP (TCP:389) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0527 | Ensure LDAP (UDP:389) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0528 | Ensure LDAP (UDP:389) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0529 | Ensure LDAP (UDP:389) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0530 | Ensure Memcached SSL (TCP:11211) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0531 | Ensure Memcached SSL (TCP:11211) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0532 | Ensure Memcached SSL (TCP:11211) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0533 | Ensure Memcached SSL (UDP:11211) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0534 | Ensure Memcached SSL (UDP:11211) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0535 | Ensure Memcached SSL (UDP:11211) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0536 | Ensure Oracle DB (TCP:2483) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0537 | Ensure Oracle DB (TCP:2483) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0538 | Ensure Oracle DB (TCP:2483) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0539 | Ensure Oracle DB (UDP:2483) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0540 | Ensure Oracle DB (UDP:2483) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0541 | Ensure Oracle DB (UDP:2483) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0542 | Ensure Redis without SSL (TCP:6379) is not exposed to entire internet | AWS | Infrastructure Security | HIGH |
AC_AWS_0543 | Ensure Redis without SSL (TCP:6379) is not exposed to public | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0544 | Ensure Redis without SSL (TCP:6379) is not exposed to more than 32 private hosts | AWS | Infrastructure Security | LOW |
AC_AWS_0545 | Ensure environment variables do not contain any credentials in AWS Codebuild Project | AWS | Data Protection | MEDIUM |
AC_AWS_0546 | Ensure load balancer health checks are used for AWS Auto Scaling Groups | AWS | Security Best Practices | MEDIUM |
AC_AWS_0547 | Ensure there is an encrypted connection between AWS CloudFront server and Origin server | AWS | Data Protection | HIGH |
AC_AWS_0548 | Ensure logging is enabled for AWS CloudFront | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0549 | Ensure geo-restriction is enabled for AWS CloudFront | AWS | Infrastructure Security | LOW |
AC_AWS_0550 | Ensure actions '*' and resource '*' are not allowed in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0551 | Ensure there is no policy with wildcards (*) used in principal for Amazon Simple Queue Service (SQS) Queue | AWS | Identity and Access Management | LOW |
AC_AWS_0552 | Ensure MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |