Cloudanix home page

Community
Login
Login

AWS Introduction

Security of your AWS Account

AWS Pricing

AWS Services which determine your cost

AWS Threats

Getting Started with AWS Realtime Events

AWS Misconfigurations

Getting Started with AWS Audit
Permissions required for Misconfigurations Detection
API Gateway Audit
Cloudformation Audit
CloudFront Audit
CloudTrail Audit
Cloudwatch Audit
DynamoDB Audit
EC2 Audit
Elastic Search Audit
ELB Audit
IAM Audit
KMS Audit
Kubernetes Audit
Lambda Audit
RDS Audit
Redshift Audit
Route53 Audit
S3 Audit
Security Groups Audit
SES Audit
SNS Audit
IAM Deep Dive
App Sync Audit
Code Build Audit
Open Search Audit
Shield Audit
SQS Audit

On this page

Checks performed

AWS Misconfigurations

Kubernetes Audit

Checks performed

ECR Repository Tag Should Be Immutable
Endpoints Should Not Be Publicly Accessible
ECS Tasks Should Have Network Mode Set To AWSVPC
ECS Container Insights Should Be Enabled
ECS Tasks Should Be Configured To Run As Non-Privileged
ECS Should Have Readonly Access For Containers
Secrets in Container Environment Variables
ECS Task Definition Log Configuration Should Be Enabled
ECS Task Definitions Has Memory Limit Set
ECS Tasks Should Not Have Root As User
ECS Tasks Should Not Have PidMode As Host
ECS Tasks With Network Mode Host Should Have Limited Permissions
EFS Access Point Should Enforce Root Directory
EFS Access Points User Identity Should Be Enforced
EKS Clusters Encryption Of Secrets Should Be Enabled
Latest ECS Fargate Platform Version Should Be Set
ECR Image Repositories Should Have A Lifecycle Policy Attached
ECR Repositories Should Be Private
Image Vulnerability Scanning Should Be Enabled For Amazon ECR
EKS Clusters Should Have High Availability
EKS Clusters Should Have Logging Enabled
EKS Clusters Should Use The Latest Stable Version of Kubernetes
EKS Cluster Should Allow Inbound Traffic only from Port 443(HTTPS)

KMS Audit Lambda Audit

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.