AC_AWS_0014 | Ensure resource ARNs do not have region missing in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0030 | Ensure valid account number format is used in AWS IAM Policy | AWS | Security Best Practices | LOW |
AC_AWS_0040 | Ensure IAM policies with NotAction and NotResource are not attached or used | AWS | Identity and Access Management | HIGH |
AC_AWS_0042 | Ensure standard password policy must be followed with password at least 14 characters long | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0045 | Ensure 'password policy' is enabled - at least 1 upper case character | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0046 | Ensure 'password policy' is enabled - at least 1 symbol | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0050 | Ensure `arn` prefix is in use for resource in AWS IAM Policy | AWS | Security Best Practices | LOW |
AC_AWS_0132 | Ensure no root user account access key exists | AWS | Identity and Access Management | HIGH |
AC_AWS_0134 | Ensure password policy requires at least one lowercase character for AWS IAM Account Password Policy | AWS | Compliance Validation | LOW |
AC_AWS_0138 | Ensure credentials unused for 45 days or greater are disabled | AWS | Compliance Validation | LOW |
AC_AWS_0413 | Ensure there is no IAM policy with a condition element having IpAddress Condition Operator with key (aws:SourceIp) using private IP address | AWS | Identity and Access Management | LOW |
AC_AWS_0426 | Ensure that initial login requires password reset for AWS IAM Users | AWS | Compliance Validation | HIGH |
AC_AWS_0432 | Ensure IAM Users Receive Permissions Only Through Groups | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0438 | Ensure that there are no orphan in AWS IAM groups | AWS | Compliance Validation | LOW |
AC_AWS_0471 | Ensure correct combination of JSON policy elements is used in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0474 | Ensure global condition key is not used in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0493 | Ensure Creation of SLR with star (*) in resource is not allowed in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0496 | Ensure IAM Policies were not configured with versions in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0498 | Ensure there is no IAM policy with invalid condition operator | AWS | Identity and Access Management | LOW |
AC_AWS_0501 | Ensure Adding a valid base64-encoded string value for the condition operator | AWS | Identity and Access Management | LOW |
AC_AZURE_0387 | Ensure That No Custom Subscription Owner Roles Are Created | Azure | Identity and Access Management | MEDIUM |
AC_AZURE_0388 | Ensure guest users are disabled for Azure Role Assignment | Azure | Identity and Access Management | HIGH |
AC_GCP_0247 | Ensure IAM roles do not impersonate or manage service accounts used at organization level for Google Cloud | GCP | Identity and Access Management | HIGH |
AC_GCP_0336 | Ensure That Separation of Duties Is Enforced While Assigning Service Account Related Roles to Users | GCP | Identity and Access Management | LOW |
AC_AWS_0019 | Ensure there is no policy with Empty array Action | AWS | Identity and Access Management | LOW |
AC_AWS_0026 | Ensure there is no IAM policy with invalid region used for resource ARN | AWS | Identity and Access Management | LOW |
AC_AWS_0027 | Ensure there is no IAM policy with invalid partition used for resource ARN | AWS | Identity and Access Management | LOW |
AC_AWS_0031 | Ensure only lower case letters are in use for resource in AWS IAM Policy | AWS | Security Best Practices | LOW |
AC_AWS_0141 | Ensure password policy requires minimal length of 7 for AWS IAM Account Password Policy | AWS | Compliance Validation | MEDIUM |
AC_AWS_0398 | Ensure actions 'kms:Decrypt' and 'kms:ReEncryptFrom' are not allowed for all keys in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0404 | Ensure Principal is removed from all AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0405 | Ensure NotPrincipal is removed from all AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0410 | Ensure wildcards(*) are only at end of strings in Action of AWS Organization policies | AWS | Security Best Practices | LOW |
AC_AWS_0420 | Ensure there is no policy with Empty array Condition | AWS | Identity and Access Management | LOW |
AC_AWS_0433 | Ensure cloud users don't have any direct permissions in AWS IAM User Policy Attachment | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0470 | Ensure cloud users don't have any direct permissions in AWS IAM User Policy | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0478 | Ensure that IP range is specified in CIDR format for AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0489 | Ensure Creation of SLR with NotResource is not allowed in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0495 | Ensure Creation of SLR with star (*) in NotAction and resource is not allowed in AWS IAM Policy | AWS | Identity and Access Management | LOW |
AC_AWS_0593 | Ensure that IAM Access analyzer is enabled for all regions | AWS | Infrastructure Security | MEDIUM |
AC_AWS_0598 | Ensure a support role has been created to manage incidents with AWS Support | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0599 | Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removed | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0600 | Ensure there is only one active access key available for any single IAM user | AWS | Identity and Access Management | MEDIUM |
AC_AZURE_0389 | Ensure resource lock enabled for Azure Resource Group | Azure | Identity and Access Management | LOW |
AC_GCP_0248 | Ensure default service account is not used at organization level for Google Cloud | GCP | Identity and Access Management | HIGH |
AC_GCP_0275 | Ensure multi-factor authentication is enabled for Google Compute Project Metadata | GCP | Security Best Practices | LOW |
AC_AWS_0627 | Ensure IAM Users Receive Permissions Only Through Groups | AWS | Identity and Access Management | MEDIUM |
AC_AWS_0634 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | AWS | Compliance Validation | HIGH |
AC_AWS_0028 | Ensure IAM policies with wildcard (*) resource and NotAction are not attached or used | AWS | Identity and Access Management | HIGH |
AC_AWS_0029 | Ensure correct key format is used for condition in AWS IAM Policy | AWS | Security Best Practices | LOW |