Policies
AWS
Auto Scaling
ASG
CloudFront
Distribution
CloudTrail
Trail
CloudWatch
LogGroup
Cloudformation
Stack
DynamoDB
Table
- AWS DynamoDB Tables should have Deletion Protection enabled
- AWS ECR Repositories should have a lifecycle policy configured
- AWS Kinesis Streams should be encrypted
- DynamoDB Stale Data Table
EC2
EIP
Instance
- AWS EC2 Idle Instance Detection
- AWS EC2 Instances should not use outdated instance types
- EC2 Instances ARM Processor
NAT Gateway
Snapshot
VPC Endpoint
Volume
- AWS EBS GP2 Volume
- AWS EBS High IOPS Volumes
- AWS EBS Low IOPS Volumes
- AWS EBS Low Usage Volumes
- AWS EBS Volume Attached to Stopped Instances
- AWS EBS Volume Size
- AWS EBS Volume Unattached
- AWS EBS io1 Volume
ECS
Cluster
Task
EFS
File System
EKS
Node Group
ELB
Load Balancer
- AWS ALB Low Traffic Detector
- AWS ALB No Targets
- AWS Classic Load Balancer
- AWS NLB Low Traffic Policy
- AWS NLB Without Targets
- Check AWS Classic Load Balancer Low Traffic
- EC2 Gateway LB No Targets
- GWLB Low Usage Detector
ElastiCache
Cluster
- AWS ElastiCache Low Connection Count
- ElastiCache Instances should leverage ARM instances
- ElastiCache Low Utilization Check
Kendra
Index
Lambda
Function
- AWS Lambda Error Rate
- AWS Lambda Functions should not have an excessive number of old versions
- AWS Lambda Timeout Policy
- AWS Lambdas should leverage ARM instances
Neptune
Cluster
DB
OpenSearch
Domain
RDS
DB
- AWS RDS DB CPU Utilization
- AWS RDS DB Instances should automatically create backups
- AWS RDS DB Instances should automatically version upgrade
- AWS RDS DB Instances should have deletion protection enabled
- AWS RDS DB Instances should have deletion protection enabled
- AWS RDS DB Instances should have performance insights enabled
- AWS RDS DB Instances should not be publicly accessible
- AWS RDS DB Instances should use encrypted storage
- AWS RDS DBClusters should leverage ARM instances
- AWS RDS Idle DBInstance Check
- AWS RDS Low Connections
- AWS RDS Outdated Instance
- AWS RDS should use ARM Instances