Blue Hexagon Documentation

All content
Space settings

Results will update as you type.

•
AWS-ELBv2-ELBv2-Minimum-Number-of-EC2-Target-Instances
•
AWS-ELBv2-ELBv2-NLB-Listener-Security
•
AWS-ELBv2-ELBv2-WAF-Enabled
•
AWS-ELBv2-Public
•
AWS-EMR-cluster-termination-protection-disable
•
AWS-EMR-EMR-Cluster-Logging
•
AWS-EMR-EMR-Encryption-At-Rest
•
AWS-EMR-EMR-Encryption-In-Transit
•
AWS-EMR-Security-configuration-data-encrytion-certificate-type-PEM
•
AWS-EMR-security-configuration-unset-or-data-encryption-unset
•
AWS-ES-Audit-Logging
•
AWS-ES-ElasticSearch-Access-From-IP-Addresses
•
AWS-ES-ElasticSearch-Encrypted-Domain
•
AWS-ES-ElasticSearch-Exposed-Domain
•
AWS-ES-ElasticSearch-HTTPS-Only
•
AWS-ES-ElasticSearch-IAM-Authentication
•
AWS-ES-ElasticSearch-Logging-Enabled
•
AWS-ES-ElasticSearch-Node-To-Node-Encryption
•
AWS-ES-ElasticSearch-Public-Service-Domain
•
AWS-ES-ElasticSearch-Upgrade-Available
•
AWS-ES-Internal-User-Database
•
AWS-EC2-IPs-Unused
•
AWS-ES-Kibana-Auth-Without-Amazon-Cognito
•
AWS-ES-Public-Domains-Without-Auth
•
AWS-ES-Public-Kibana-Ports-Without-Auth
•
AWS-ES-Shodan-IP
•
AWS-Firehose-Firehose-Delivery-Streams-Encrypted
•
AWS-Glacier-Public
•
AWS-Glue-AWS-Glue-Data-Catalog-CMK-Encrypted
•
AWS-Glue-AWS-Glue-Data-Catalog-Encryption-Enabled
•
AWS-Glue-AWS-Glue-Job-Bookmark-Encryption-Enabled
•
AWS-Glue-AWS-Glue-S3-Encryption-Enabled
•
AWS-Glue-Catalog-Connection-Password-Unencrypted
•
AWS-Glue-Database-Ssl-Connection
•
AWS-Glue-Endpoints-Cloudwatch-Logs-Unencrypted
•
AWS-Glue-Endpoints-Job-Bookmarks-Unecrypted
•
AWS-Glue-Endpoints-S3-Unencrypted
•
AWS-Glue-ETL-Jobs-S3-Unencrypted
•
AWS-Glue-ETS-Jobs-Cloudwatch-Logs-Unencrypted
•
AWS-Glue-User-With-Two-Access-Keys
•
AWS-GuardDuty-GuardDuty-is-Enabled
•
AWS-GuardDuty-GuardDuty-Master-Account
•
AWS-IAM-Access-Analyzer
•
AWS-IAM-Access-key-enabled-on-root-account
•
AWS-IAM-Access-Keys-Extra
•
AWS-IAM-Access-Keys-in-IAM-User-Setup
•
AWS-IAM-Access-Keys-Last-Used
•
AWS-IAM-Access-Keys-Rotated
•
AWS-IAM-Admin-Group-Without-Admin-Name
•
AWS-IAM-Admin-Privilege-Custom-Policy
•
AWS-IAM-Admin-Privilege-Managed-Policy
•
AWS-IAM-Administrator-Access-Users-Without-MFA
•
AWS-IAM-AWS-Support-Role
•
AWS-IAM-Bad-MFA-Policy
•
AWS-IAM-Credentials-Unused
•
AWS-IAM-Credentials-Unused-Max-Days
•
AWS-IAM-expired-SSL-TLS-certificates-removed
•
AWS-IAM-IAM-User-Unauthorized-to-Edit
•
AWS-IAM-Known-Bad-Policy
•
AWS-IAM-Linter
•
AWS-IAM-Maximum-Password-Age
•
AWS-IAM-MFA-Disabled
•
AWS-IAM-Minimum-Password-Length
•
AWS-IAM-Monitoring-Policy-Change-Log-Metric
•
AWS-IAM-No-User-IAM-Policies
•
AWS-IAM-Not-Action-In-Allow
•
AWS-IAM-Password-Expiration
•
AWS-IAM-password-policy-enabled
•
AWS-IAM-Password-Requires-Lowercase
•
AWS-IAM-Password-Requires-Numbers
•
AWS-IAM-Password-Requires-Symbols
•
AWS-IAM-Password-Requires-Uppercase
•
AWS-IAM-Password-Reuse-Prevention
•
AWS-IAM-Policies-Attached-To-Groups
•
AWS-IAM-Policy-With-Full-Privileges
•
AWS-IAM-Root-Access-Keys
•
AWS-IAM-Root-Account-Active-Signing-Certificates
•
AWS-IAM-Root-Account-In-Use
•
AWS-IAM-Root-Hardware-MFA
•
AWS-IAM-Root-MFA-Enabled
•
AWS-IAM-SAML-Not-Configured
•
AWS-IAM-Security-Contact-Info
•
AWS-IAM-Security-Questions-Registered
•
AWS-IAM-SSH-Keys-Rotated
•
AWS-IAM-Unexpected-Admin-Privilege-Principal
•
AWS-IAM-Unexpected-Format-Policy
•
AWS-IAM-Unexpected-S3-Listing-Principal
•
AWS-IAM-Use-Of-Root-Account
•
AWS-IAM-user-access-keys-2-rotated-every-90-days
•
AWS-IAM-Users-MFA-Enabled
•
AWS-IAM-Users-Password-And-Keys
•
AWS-IAM-Users-Password-Last-Used
•
AWS-IAM-Users-Without-MFA
•
AWS-Kinesis-firehose-stream-as-source-has-server-side-encryption
•
AWS-Kinesis-firehose-stream-as-source-uses-CMK-server-side-encryption
•
AWS-Kinesis-Kinesis-Streams-Encrypted
•
AWS-Kinesis-stream-with-direct-PUT-has-server-side-encryption
•
AWS-Kinesis-stream-with-direct-PUT-uses-CMK-server-side-encryption
•
AWS-KMS-App-Tier-KMS-Customer-Master-Key-(CMK)
•
AWS-KMS-CMK-administrator-are-key-users
•
AWS-KMS-CMK-deletion-allowed-to-other-principal
•
AWS-KMS-CMK-deletion-set
•
AWS-KMS-CMK-expiry-set-with-external-key-material
•
AWS-KMS-CMK-full-access-to-root-user-configured
•
AWS-KMS-CMK-KMS-Unused
•
AWS-KMS-CMK-uses-external-key-material
•
AWS-KMS-custom-key-stores-connected-to-cloudHSM
•
AWS-KMS-Keys-Exposed
•
AWS-KMS-KMS-Default-Key-Usage
•
AWS-KMS-KMS-Key-Policy
•
AWS-KMS-KMS-Key-Rotation
•
AWS-KMS-KMS-Scheduled-Deletion
•
AWS-Lambda-env-variable-encrypted-at-rest-uses-CMK
•
AWS-Lambda-env-variable-in-transit-encrytion-uses-aws-helpers
•
AWS-Lambda-excess-permission-removed
•
AWS-Lambda-function-alias-uses-single-trigger
•
AWS-Lambda-function-cross-account-access-disallowed
•
AWS-Lambda-function-uses-single-trigger
•
AWS-Lambda-function-using-unique-role
•
AWS-Lambda-Functions-Contain-Secrets
•
AWS-Lambda-Lambda-Admin-Privileges
•
AWS-Lambda-Lambda-APIs-Cloudtrail
•
AWS-Lambda-Lambda-Environment-Variables-Client-Side-Encryption
•
AWS-Lambda-Lambda-Log-Groups
•
AWS-Lambda-Lambda-Old-Runtimes
•
AWS-Lambda-Lambda-Public-Access
•
AWS-Lambda-Lambda-Tracing-Enabled
•
AWS-Lambda-Lambda-VPC-Config
•
AWS-Lambda-Obsolete-Runtimes
•
AWS-Lambda-Resource-Based-Policy-Public
•
AWS-Lambda-Variables-Contain-Secrets
•
AWS-Lightsail-In-Use
•
AWS-Macie-Enabled
•
AWS-Monitoring-AWS-Config-Change-Log-Metric
•
AWS-Monitoring-CMK-Disable-Deletion-Log-Metric
•
AWS-Monitoring-Config-Change-Log-Metric
•
AWS-Monitoring-Console-Auth-Failure-Log-Metric
•
AWS-Monitoring-MFA-Console-Sign-in-Log-Metric
•
AWS-Monitoring-Nacl-Change-Change-Log-Metric
•
AWS-Monitoring-Network-Gateway-Change-Log-Metric
•
AWS-Monitoring-Root-Account-Usage-Change-Log-Metric
•
AWS-Monitoring-Route-Table-Change-Log-Metric
•
AWS-Monitoring-S3-Policy-Change-Log-Metric
•
AWS-Monitoring-Security-Group-Change-Log-Metric
•
AWS-Monitoring-Unauthorized-API-Call-Log-Metric
•
AWS-Monitoring-VPC-Change-Log-Metric
•
AWS-MWAA-Environment-Admin-Privileges
•
AWS-MWAA-Web-Server-Public-Access
•
AWS-Neptune-DB-7-days-backup-retention-enable
•
AWS-Neptune-DB-audit-logs-for-log-export-enable
•
AWS-Neptune-DB-auto-minor-version-upgrade-enable
•
AWS-Neptune-DB-deletion-protection-enable
•
AWS-Neptune-DB-IAM-DB-authentication-enable
•
AWS-Neptune-DB-multi-AZ-High-Availability-enable
•
AWS-Neptune-DB-snapshot-encryption-enable
•
AWS-Neptune-DB-snapshot-sharing-private
•
AWS-Neptune-DB-using-non-default-listening-port
•
AWS-Organizations-Enable-All-Organization-Features
•
AWS-Organizations-Organization-Invite
•
AWS-RDS-database-instances-accessibility-private-only
•
AWS-RDS-DB-master-username-non-default

Blue Hexagon Documentation

/

AWS Misconfiguration Remediations

/

AWS-IAM-SAML-Not-Configured

AWS-IAM-SAML-Not-Configured

Owned by naveen

Dec 06, 2021

1 min read

Loading data...

Severity : Low

Description : SAML providers found. STS can be used.

Blue Hexagon Proprietary

{"serverDuration": 38, "requestCorrelationId": "35b3f581e8b940859b74f47609d3914e"}