OSS Bucket allows public internet access
Alibaba Cloud OSS (Object Storage Service) provides storage service to your files and data in the account. The files are...
Blog
EMR Cluster At Rest S3 Encryption Disabled
EMR, Elastic MapReduce, is a managed cluster platform that simplifies running big data frameworks. EMR cluster is a collection of...
SQS queue with public access
Amazon Simple Queue Service (Amazon SQS) offers a secure, durable, and available hosted queue that lets you integrate and decouple...
SNS topics are not encrypted at rest using AWS KMS
Simple Notification Service (SNS) is a managed service that provides message delivery from publishers to subscribers (also known as producers...
EBS unencrypted attached volume
The EBS volume {AwsEc2EbsVolume} which is currently attached to an instance is not encrypted. It is important to encrypt volumes...
Internet Facing EC2 Instance with Broad S3 Access
The internet-facing asset {AwsEc2Instance} ({AwsEc2Instance.InstanceId}) was found to have broad access to S3 via its Instance Profile ({AwsEc2Instance.InstanceProfile}). Access is...
Subdomain supports deprecated TLS encryption
A server under this domain supports a deprecated TLS version. TLS 1.0 and 1.1 have been deprecated by the Internet...
QLDB Ledger encryption not using customer managed key
QLDB is a fully managed ledger database that provides a transparent, immutable, and cryptographically verifiable transaction log owned by a...