Blue Hexagon Documentation

All content
Space settings

Results will update as you type.

•
AWS-IAM-AWS-Support-Role
•
AWS-IAM-Bad-MFA-Policy
•
AWS-IAM-Credentials-Unused
•
AWS-IAM-Credentials-Unused-Max-Days
•
AWS-IAM-expired-SSL-TLS-certificates-removed
•
AWS-IAM-IAM-User-Unauthorized-to-Edit
•
AWS-IAM-Known-Bad-Policy
•
AWS-IAM-Linter
•
AWS-IAM-Maximum-Password-Age
•
AWS-IAM-MFA-Disabled
•
AWS-IAM-Minimum-Password-Length
•
AWS-IAM-Monitoring-Policy-Change-Log-Metric
•
AWS-IAM-No-User-IAM-Policies
•
AWS-IAM-Not-Action-In-Allow
•
AWS-IAM-Password-Expiration
•
AWS-IAM-password-policy-enabled
•
AWS-IAM-Password-Requires-Lowercase
•
AWS-IAM-Password-Requires-Numbers
•
AWS-IAM-Password-Requires-Symbols
•
AWS-IAM-Password-Requires-Uppercase
•
AWS-IAM-Password-Reuse-Prevention
•
AWS-IAM-Policies-Attached-To-Groups
•
AWS-IAM-Policy-With-Full-Privileges
•
AWS-IAM-Root-Access-Keys
•
AWS-IAM-Root-Account-Active-Signing-Certificates
•
AWS-IAM-Root-Account-In-Use
•
AWS-IAM-Root-Hardware-MFA
•
AWS-IAM-Root-MFA-Enabled
•
AWS-IAM-SAML-Not-Configured
•
AWS-IAM-Security-Contact-Info
•
AWS-IAM-Security-Questions-Registered
•
AWS-IAM-SSH-Keys-Rotated
•
AWS-IAM-Unexpected-Admin-Privilege-Principal
•
AWS-IAM-Unexpected-Format-Policy
•
AWS-IAM-Unexpected-S3-Listing-Principal
•
AWS-IAM-Use-Of-Root-Account
•
AWS-IAM-user-access-keys-2-rotated-every-90-days
•
AWS-IAM-Users-MFA-Enabled
•
AWS-IAM-Users-Password-And-Keys
•
AWS-IAM-Users-Password-Last-Used
•
AWS-IAM-Users-Without-MFA
•
AWS-Kinesis-firehose-stream-as-source-has-server-side-encryption
•
AWS-Kinesis-firehose-stream-as-source-uses-CMK-server-side-encryption
•
AWS-Kinesis-Kinesis-Streams-Encrypted
•
AWS-Kinesis-stream-with-direct-PUT-has-server-side-encryption
•
AWS-Kinesis-stream-with-direct-PUT-uses-CMK-server-side-encryption
•
AWS-KMS-App-Tier-KMS-Customer-Master-Key-(CMK)
•
AWS-KMS-CMK-administrator-are-key-users
•
AWS-KMS-CMK-deletion-allowed-to-other-principal
•
AWS-KMS-CMK-deletion-set
•
AWS-KMS-CMK-expiry-set-with-external-key-material
•
AWS-KMS-CMK-full-access-to-root-user-configured
•
AWS-KMS-CMK-KMS-Unused
•
AWS-KMS-CMK-uses-external-key-material
•
AWS-KMS-custom-key-stores-connected-to-cloudHSM
•
AWS-KMS-Keys-Exposed
•
AWS-KMS-KMS-Default-Key-Usage
•
AWS-KMS-KMS-Key-Policy
•
AWS-KMS-KMS-Key-Rotation
•
AWS-KMS-KMS-Scheduled-Deletion
•
AWS-Lambda-env-variable-encrypted-at-rest-uses-CMK
•
AWS-Lambda-env-variable-in-transit-encrytion-uses-aws-helpers
•
AWS-Lambda-excess-permission-removed
•
AWS-Lambda-function-alias-uses-single-trigger
•
AWS-Lambda-function-cross-account-access-disallowed
•
AWS-Lambda-function-uses-single-trigger
•
AWS-Lambda-function-using-unique-role
•
AWS-Lambda-Functions-Contain-Secrets
•
AWS-Lambda-Lambda-Admin-Privileges
•
AWS-Lambda-Lambda-APIs-Cloudtrail
•
AWS-Lambda-Lambda-Environment-Variables-Client-Side-Encryption
•
AWS-Lambda-Lambda-Log-Groups
•
AWS-Lambda-Lambda-Old-Runtimes
•
AWS-Lambda-Lambda-Public-Access
•
AWS-Lambda-Lambda-Tracing-Enabled
•
AWS-Lambda-Lambda-VPC-Config
•
AWS-Lambda-Obsolete-Runtimes
•
AWS-Lambda-Resource-Based-Policy-Public
•
AWS-Lambda-Variables-Contain-Secrets
•
AWS-Lightsail-In-Use
•
AWS-Macie-Enabled
•
AWS-Monitoring-AWS-Config-Change-Log-Metric
•
AWS-Monitoring-CMK-Disable-Deletion-Log-Metric
•
AWS-Monitoring-Config-Change-Log-Metric
•
AWS-Monitoring-Console-Auth-Failure-Log-Metric
•
AWS-Monitoring-MFA-Console-Sign-in-Log-Metric
•
AWS-Monitoring-Nacl-Change-Change-Log-Metric
•
AWS-Monitoring-Network-Gateway-Change-Log-Metric
•
AWS-Monitoring-Root-Account-Usage-Change-Log-Metric
•
AWS-Monitoring-Route-Table-Change-Log-Metric
•
AWS-Monitoring-S3-Policy-Change-Log-Metric
•
AWS-Monitoring-Security-Group-Change-Log-Metric
•
AWS-Monitoring-Unauthorized-API-Call-Log-Metric
•
AWS-Monitoring-VPC-Change-Log-Metric
•
AWS-MWAA-Environment-Admin-Privileges
•
AWS-MWAA-Web-Server-Public-Access
•
AWS-Neptune-DB-7-days-backup-retention-enable
•
AWS-Neptune-DB-audit-logs-for-log-export-enable
•
AWS-Neptune-DB-auto-minor-version-upgrade-enable
•
AWS-Neptune-DB-deletion-protection-enable
•
AWS-Neptune-DB-IAM-DB-authentication-enable
•
AWS-Neptune-DB-multi-AZ-High-Availability-enable
•
AWS-Neptune-DB-snapshot-encryption-enable
•
AWS-Neptune-DB-snapshot-sharing-private
•
AWS-Neptune-DB-using-non-default-listening-port
•
AWS-Organizations-Enable-All-Organization-Features
•
AWS-Organizations-Organization-Invite
•
AWS-RDS-database-instances-accessibility-private-only
•
AWS-RDS-DB-master-username-non-default
•
AWS-RDS-Instance-Security-Group-block-Inbound-from-any-source
•
AWS-RDS-Instances-event-subscription-enable
•
AWS-RDS-MYSQL-backup-binary-log-disable
•
AWS-RDS-MYSQL-backup-configuration-enable
•
AWS-RDS-RDS-Automated-Backups
•
AWS-RDS-RDS-CMK-Encryption
•
AWS-RDS-RDS-Deletion-Protection-Enabled
•
AWS-RDS-RDS-DocumentDB-Minor-Version-Upgrade
•
AWS-RDS-RDS-Encryption-Enabled
•
AWS-RDS-RDS-IAM-Database-Authentication-Enabled
•
AWS-RDS-RDS-Logging-Enabled
•
AWS-RDS-RDS-Multiple-AZ
•
AWS-RDS-RDS-Publicly-Accessible
•
AWS-RDS-RDS-Restorable
•
AWS-RDS-RDS-Snapshot-Encryption
•
AWS-RDS-RDS-Transport-Encryption-Enabled
•
AWS-RDS-Snapshots-Cluster-Public
•
AWS-RDS-SQL-Server-TLS-Version
•
AWS-RDS-VPC-Classic
•
AWS-Redshift-Redshift-Automated-Snapshot-Retention-Period
•
AWS-Redshift-Redshift-Cluster-Allow-Version-Upgrade
•
AWS-Redshift-Redshift-Cluster-Audit-Logging-Enabled
•
AWS-Redshift-Redshift-Cluster-CMK-Encryption
•
AWS-Redshift-Redshift-Cluster-Default-Master-Username
•
AWS-Redshift-Redshift-Cluster-Default-Port
•
AWS-Redshift-Redshift-Cluster-In-VPC
•
AWS-Redshift-Redshift-Desired-Node-Type
•
AWS-Redshift-Redshift-Encryption-Enabled
•
AWS-Redshift-Redshift-Nodes-Count
•
AWS-Redshift-Redshift-Parameter-Group-SSL-Required
•
AWS-Redshift-Redshift-Publicly-Accessible
•
AWS-Redshift-Redshift-Unused-Reserved-Nodes
•
AWS-Redshift-Redshift-User-Activity-Logging-Enabled
•
AWS-Route53-Domain-Auto-Renew
•
AWS-Route53-Domain-Expiry
•
AWS-Route53-Domain-Transfer-Lock
•
AWS-Route53-Foreign-Hosted-Zone
•
AWS-Route53-Route53-Dangling-DNS-Records
•
AWS-AWS-Route53-Zones-are-not-logging-to-Cloudwatch
•
AWS-S3-bucket-block-public-acl-and-uploading-public-object
•
AWS-S3-bucket-enable-remove-access-thru-public-acl
•
AWS-S3-bucket-MFA-delete-enabled
•
AWS-S3-bucket-public-policy-block-cross-account-access
•
AWS-S3-Policies-With-Write-Access
•
AWS-S3-Public
•
AWS-S3-S3-Access-Logging
•
AWS-S3-S3-Bucket-All-Users-Policy
•
AWS-S3-S3-Bucket-Encryption
•
AWS-S3-S3-Bucket-Encryption-Enforcement
•
AWS-S3-S3-Bucket-Encryption-In-Transit
•
AWS-S3-S3-Bucket-Enforce-Object-Encryption
•
AWS-S3-S3-Bucket-Lifecycle-Configuration

Blue Hexagon Documentation

/

AWS Misconfiguration Remediations

/

AWS-Macie-Enabled

AWS-Macie-Enabled

Owned by naveen

Dec 06, 2021

1 min read

Loading data...

Severity : Low

Description : Ensures Macie related IAM roles.

Blue Hexagon Proprietary

{"serverDuration": 15, "requestCorrelationId": "2535951c735d4163911a1907fa4a7dda"}