Interpretation of the Columns in Benchmark Compliance Rules:
Rule ID: A unique identifier for the specific security rule or check
Title: A brief description of the security issue or misconfiguration
Severity — Low to High: Determines the risk of being exposed to attacks
Service Type: The AWS service affected or evaluated by the rule
Resource Type: The specific AWS resource being audited
| Rule ID | Title | Severity | Service Type | Resource Type |
|---|---|---|---|---|
| CSPM-AWS-2024-0012 | CloudTrail Log File Validation is Disabled | Low | CloudTrail | Trails |
| CSPM-AWS-2024-0104 | No CloudWatch Alarm for”Console Logins without MFA” | Low | CloudWatchLogs | MetricFilter |
| CSPM-AWS-2024-0152 | Ensure that only IMDSv2 is permitted by EC2 Metadata Service. | Medium | EC2 | Instances |
| CSPM-AWS-2024-0160 | IAM instance roles are used for AWS resource access from instances | Medium | EC2 | Instances |
| CSPM-AWS-2024-0166 | Ensure AWS Security Hub is enabled | Medium | SecurityHub | Hub |
