AWS Cloudformation Audit

Audit your Cloudformation to safe gaurd your data

What we do?

CloudFormation Deletion Policy Should Be in Use

A deletion policy, implemented with the DeletionPolicy attribute, should be used for your Amazon CloudFormation stacks in order preserve or backup AWS resources when the stacks are deleted.

AWS CloudFormation Drift Detection

Your AWS CloudFormation stacks should not be drifted from their expected template configuration. A CloudFormation stack is considered to have drifted from its configuration if one or more of its resources have been drifted.

CloudFormation (or IaC) Should Be Used

Amazon CloudFormation should be used within your AWS account to automate your cloud infrastructure management and deployment.

CloudFormation Stacks Should Not Have A Failed Status

None of your Amazon CloudFormation stacks should be in Failed mode for more than 6 hours. Any failed CloudFormation stacks that are not fixed on time can lead to application downtime, security issues or unexpected costs on your AWS bill.

CloudFormation Stack Policy Should Use A Fail-Safe Mechanism

Your AWS CloudFormation stacks should be using policies as a fail-safe mechanism in order to prevent accidental updates to stack resources.

CloudFormation Stack Should Have An IAM Role

The IAM service role associated with your Amazon CloudFormation stack should adhere to the principle of least privilege in order avoid unwanted privilege escalation.

AWS CloudFormation Stack Should Have Notifications Enabled

All your AWS CloudFormation stacks should be using Simple Notification Service (AWS SNS) in order to receive notifications when an event occurs.

AWS CloudFormation Stacks Should Have Termination Protection Enabled

Amazon CloudFormation stacks should have Termination Protection feature enabled in order to protect them from being accidentally deleted.


Not ready for a free signup yet? No worries!

We suggest you use the checklist!

If you are not yet convinced to sign up with Cloudanix, that's not a problem. We recommend you use a comprehensive checklist which your team can use to perform a manual assessment of your workload.