AC_AWS_0018 | Ensure encryption is enabled for AWS Athena Query | AWS | Data Protection | MEDIUM |
AC_AWS_0057 | Ensure CA certificate used is not older than 1 year for Amazon Relational Database Service (Amazon RDS) instances | AWS | Data Protection | HIGH |
AC_AWS_0070 | Ensure auto minor version upgrade is enabled for AWS Database Migration Service (DMS) instances | AWS | Security Best Practices | MEDIUM |
AC_AWS_0097 | Ensure VPC is enabled for AWS Redshift Cluster | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0184 | Ensure deletion protection is enabled for AWS QLDB Ledger | AWS | Resilience | MEDIUM |
AC_AWS_0197 | Ensure KMS customer managed key (CMK) for encryption of AWS Redshift clusters | AWS | Security Best Practices | HIGH |
AC_AWS_0198 | Ensure encryption is enabled for AWS Redshift clusters | AWS | Data Protection | MEDIUM |
AC_AWS_0199 | Ensure public access is disabled for AWS Redshift Clusters | AWS | Infrastructure Security | HIGH |
AC_AWS_0436 | Ensure automatic backups are enabled for AWS Elasticache Cluster | AWS | Data Protection | MEDIUM |
AC_AZURE_0040 | Ensure that Vulnerability Assessment (VA) setting 'Periodic recurring scans' is set to 'on' for each SQL server | Azure | Identity and Access Management | MEDIUM |
AC_AZURE_0053 | Ensure that Microsoft Defender for SQL is set to 'On' for critical SQL Servers | Azure | Infrastructure Security | HIGH |
AC_AZURE_0126 | Ensure 'TLS Version' is set to 'TLSV1.2' for MySQL flexible Database Server | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0133 | Ensure notification email address is configured for Azure MSSQL Server Security Alert Policy | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0134 | Ensure that minimum TLS version is set to 1.2 for Azure MSSQL Server | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0139 | Ensure regular backups are enabled for Azure MariaDB Server | Azure | Resilience | MEDIUM |
AC_AZURE_0183 | Ensure consistency level is NOT set to 'Eventual' for Azure CosmosDB Account | Azure | Security Best Practices | LOW |
AC_AZURE_0315 | Ensure customer-managed keys to encrypt data at rest for Azure CosmosDB Account | Azure | Data Protection | MEDIUM |
AC_AZURE_0374 | Ensure a firewall is attached to Azure SQL Server | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0383 | Ensure that 'Threat Detection' is enabled for Azure SQL Database | Azure | Logging and Monitoring | MEDIUM |
AC_AZURE_0391 | Ensure that firewall rules does not allow unrestricted access to Azure Redis Cache from other Azure sources | Azure | Infrastructure Security | HIGH |
AC_AZURE_0413 | Ensure server parameter 'log_connections' is set to 'ON' for PostgreSQL Database Server - azurerm_postgresql_configuration | Azure | Logging and Monitoring | MEDIUM |
AC_GCP_0251 | Ensure that the 'log_checkpoints' database flag for Cloud SQL PostgreSQL instance is set to 'on' | GCP | Compliance Validation | LOW |
AC_AWS_0054 | Ensure public access is disabled for Amazon Relational Database Service (Amazon RDS) instances | AWS | Infrastructure Security | HIGH |
AC_AZURE_0308 | Ensure public access is disabled for Azure MySQL Single Server | Azure | Infrastructure Security | HIGH |
AC_AZURE_0564 | Ensure 'Allow access to Azure services' for PostgreSQL Database Server is disabled | Azure | Data Protection | MEDIUM |
AC_AZURE_0590 | Ensure Server Parameter 'log_retention_days' is greater than 3 days for PostgreSQL Database Server | Azure | Resilience | MEDIUM |
AC_GCP_0001 | Ensure That Cloud SQL Database Instances Are Configured With Automated Backups | GCP | Resilience | MEDIUM |
AC_GCP_0225 | Ensure 'Skip_show_database' Database Flag for Cloud SQL MySQL Instance Is Set to 'On' | GCP | Compliance Validation | LOW |
AC_GCP_0249 | Ensure That Cloud SQL Database Instances Do Not Have Public IPs | GCP | Compliance Validation | MEDIUM |
AC_GCP_0257 | Ensure That the 'Log_min_duration_statement' Database Flag for Cloud SQL PostgreSQL Instance Is Set to '-1' (Disabled) | GCP | Compliance Validation | LOW |
AC_GCP_0315 | Ensure 'Log_hostname' Database Flag for Cloud SQL PostgreSQL Instance Is Set to 'on' | GCP | Compliance Validation | LOW |
AC_AWS_0055 | Ensure the security best practices configuration is followed for Amazon Relational Database Service (Amazon RDS) instances | AWS | Security Best Practices | HIGH |
AC_AWS_0056 | Ensure automatic minor version upgrade is enabled for Amazon Relational Database Service (Amazon RDS) instances | AWS | Data Protection | HIGH |
AC_AWS_0064 | Ensure CloudWatch logging is enabled for Amazon Relational Database Service (Amazon RDS) instances | AWS | Logging and Monitoring | MEDIUM |
AC_AWS_0068 | Ensure public access is disabled for AWS Database Migration Service (DMS) instances | AWS | Data Protection | HIGH |
AC_AWS_0192 | Ensure database instances with an AWS Aurora cluster should have same accessibility | AWS | Compliance Validation | MEDIUM |
AC_AWS_0194 | Ensure latest generation of instance classes is used by Amazon Relational Database Service (Amazon RDS) instances | AWS | Compliance Validation | MEDIUM |
AC_AWS_0200 | Ensure audit logging feature is enabled for AWS Redshift clusters | AWS | Logging and Monitoring | LOW |
AC_AWS_0381 | Ensure public access is disabled for AWS Neptune cluster instances | AWS | Data Protection | MEDIUM |
AC_AWS_0382 | Ensure that cluster nodes are of given types for AWS Redshift Cluster | AWS | Compliance Validation | LOW |
AC_AWS_0422 | Ensure AWS Redshift Snapshot Retention Policy is more than 7 days | AWS | Compliance Validation | MEDIUM |
AC_AWS_0437 | Ensure public access is disabled for Amazon Relational Database Service (Amazon RDS) database snapshots | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0468 | Ensure encryption is enabled for AWS Athena Database | AWS | Data Protection | HIGH |
AC_AZURE_0135 | Ensure public access is disabled for Azure MSSQL Server | Azure | Infrastructure Security | HIGH |
AC_AZURE_0138 | Ensure geo-redundant backups are enabled for Azure MariaDB Server | Azure | Resilience | MEDIUM |
AC_AZURE_0201 | Ensure in-transit encryption is enabled for Azure Redis Cache | Azure | Infrastructure Security | MEDIUM |
AC_AZURE_0205 | Ensure cross account access is disabled for Azure SQL Server | Azure | Identity and Access Management | MEDIUM |
AC_AZURE_0227 | Ensure advanced threat protection is enabled for Azure CosmosDB Account | Azure | Configuration and Vulnerability Analysis | MEDIUM |
AC_AZURE_0237 | Ensure that VA setting 'Periodic recurring scans' to 'on' for each SQL server | Azure | Identity and Access Management | MEDIUM |
AC_AZURE_0241 | Ensure that 'Data encryption' is set to 'On' on a SQL Database | Azure | Data Protection | MEDIUM |