Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AWS-2024-0069 | The Minimum Password Length for IAM is Short | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0075 | Password Policy Allows Reuse of Passwords | Low | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0084 | Inadequate Key Rotation for 90 Days | Medium | IAM | AccessKey |
| CSPM-AWS-2024-0088 | User Holding Multiple API Keys | Critical | IAM | AccessKey |
| CSPM-AWS-2024-0161 | Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | High | IAM | CredentialReport |
