View Categories

Understand SecPod Global Rules in AWS

Print Friendly, PDF & Email

Interpretation of the Columns in Benchmark Compliance Rules:

Rule ID: A unique identifier for the specific security rule or check

Title: A brief description of the security issue or misconfiguration

Severity — Low to High: Determines the risk of being exposed to attacks

Service Type: The AWS service affected or evaluated by the rule

Resource Type: The specific AWS resource being audited

Rule IDTitleSeverityService TypeResource Type
CSPM-AWS-2024-0004Clear-Text Origin, a potential to expose sensitive data in AWS CloudFront Content DistributionsHighCloudFrontDistributions
CSPM-AWS-2024-0055IAM Group uses Inline Policies instead of Managed PoliciesMediumIAMPolicy
CSPM-AWS-2024-0056IAM Group with No UsersLowIAMGroup
CSPM-AWS-2024-0066Managed Policy Not Attached to Any EntityLowIAMManagedPolicy
CSPM-AWS-2024-0068Passwords Expiration Threshold Is Not Configured Or Exceeds The Specified LimitMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0069The Minimum Password Length for IAM is Short.MediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0070Password Expiration DisabledHighIAMAccountPasswordPolicy
CSPM-AWS-2024-0071Password Policy Does Not Mandate Lowercase CharactersMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0072Password Policy Does Not Mandate a NumberMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0073Password Policy Does Not Mandate a SymbolMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0074Password Policy Does Not Mandate Uppercase CharactersMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0075Password Policy Allows Reuse of PasswordsMediumIAMAccountPasswordPolicy
CSPM-AWS-2024-0076IAM Role uses Inline Policies instead of Managed PoliciesMediumIAMPolicy
CSPM-AWS-2024-0082Password-Enabled Service UserCriticalIAMCredentialReport
CSPM-AWS-2024-0084Inadequate Key Rotation for 90 DaysCriticalIAMAccessKey
CSPM-AWS-2024-0088User Holding Multiple API KeysCriticalIAMAccessKey
CSPM-AWS-2024-0089User with Enabled Keys and PasswordCriticalIAMAccessKey
CSPM-AWS-2024-0091User without MFACriticalIAMUsers
CSPM-AWS-2024-0161Multi-factor authentication (MFA) not enabled for all IAM users that have a console passwordCriticalIAMCredentialReport
CSPM-AWS-2024-0501Ensure Existence of IAM UsersHighIAMUser