Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AWS-2024-0068 | Passwords Expiration Threshold is not configured or exceeds the specified Limit | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0069 | The minimum Password Length for IAM is short | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0071 | Password Policy Does Not Mandate Lowercase Characters | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0072 | Password Policy Does Not Mandate a Number | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0073 | Password Policy Does Not Mandate a Symbol | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0074 | Password Policy Does Not Mandate Uppercase Characters | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0075 | Password Policy Allows Reuse of Passwords | Medium | IAM | AccountPasswordPolicy |
| CSPM-AWS-2024-0088 | User Holding Multiple API Keys | Critical | IAM | AccessKey |
| CSPM-AWS-2024-0089 | User with Enabled Keys and Password | Critical | IAM | AccessKey |
| CSPM-AWS-2024-0091 | User without MFA | Critical | IAM | Users |
| CSPM-AWS-2024-0501 | Ensure Existence of IAM Users | High | IAM | User |
| CSPM-AWS-2024-0078 | No MFA for Root Account | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0077 | No Hardware MFA for Root Accounts | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0067 | No authorized user is allowed to handle issues with Amazon Support | Critical | IAM | Policies |
| CSPM-AWS-2024-0079 | Root account used recently | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0161 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Critical | IAM | CredentialReport |
| CSPM-AWS-2024-0091 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Critical | IAM | CredentialReport |
| CSPA-AWS-2024-0028 | User without MFA, Multi-factor authentication (MFA) not enabled for all IAM users that have a console password | Critical | IAM | CredentialReport |
