Usecase Universe

A collective of use cases for DevOps teams

Browse a variety of 200+ predefined templates to automate all your AWS actions


AWS Best Practices

24 Times Used
22 MAY 2019
Security Group internet accessibility Report
AWS Best Practices
VPC

Sends a report of all the VPCs whose tunnel state is down.

Reserved Instance Lease Expiration (7 Days)
AWS Best Practices
EC2

Checks for Amazon EC2 Reserved Instances that are scheduled to expire within the next 7 days.

Hardware MFA On Root Account
AWS Best Practices
IAM

Checks the root account and warns if hardware multi-factor authentication (MFA) is not enabled.

ELB Security Groups Missing
AWS Best Practices
ELB

Checks for load balancers configured with a missing security group or a security group that allows access to ports that are not configured for the load balancer.

ELB Listener Security
AWS Best Practices
ELB

Checks for load balancers with listeners that do not use recommended security configurations for encrypted communication. AWS recommends using a secure protocol (HTTPS or SSL), up-to-date security policies, and ciphers and protocols that are secure.

ELB Connection Draining Enabled
AWS Best Practices
ELB

Checks for load balancers that do not have connection draining enabled. When connection draining is not enabled and you remove (deregister) an Amazon EC2 instance from a load balancer, the load balancer stops routing traffic to that instance and closes the connection.

AWS Direct Connect Virtual Interface Redundancy
AWS Best Practices
Direct Connect

Checks for virtual private gateways with AWS Direct Connect virtual interfaces (VIFs) that are not configured on at least two AWS Direct Connect connections. Connectivity to your virtual private gateway should have multiple virtual interfaces configured across multiple Direct Connect connections and locations to provide redundancy in case a device or location is unavailable.

Amazon Route 53 High TTL Resource Record Sets
AWS Best Practices
Route 53

Checks for resource record sets that can benefit from having a lower time-to-live (TTL) value. The check currently uses a threshold of 600 seconds. TTL is the number of seconds that a resource record set is cached by DNS resolvers.

Amazon Route 53 And SPF Resource Record Sets
AWS Best Practices
Route 53

Checks for an SPF resource record set for each MX resource record set. An SPF (Sender Policy Framework) record publishes a list of servers that are authorized to send email for your domain, which helps reduce spam by detecting and stopping email address spoofing.

Auto Scaling Group Instance Health Check
AWS Best Practices
AWS Auto Scaling

Ensure your AWS Auto Scaling Group (ASG) health check feature is properly configured to detect whether its registered EC2 instances are healthy or not.

Aurora Database Instance Accessibility
AWS Best Practices
RDS

Ensure that all the database instances within your Amazon Aurora clusters have the same accessibility (either public or private).

AWS Direct Connect Location Redundancy
AWS Best Practices

Checks for virtual private gateways with AWS Direct Connect virtual interfaces (VIFs) that are not configured on at least two AWS Direct Connect connections. Connectivity to your virtual private gateway should have multiple virtual interfaces configured across multiple Direct Connect connections and locations to provide redundancy in case a device or location is unavailable.

AWS Direct Connect Connection Redundancy
AWS Best Practices

Checks for regions that have only one AWS Direct Connect connection. Connectivity to your AWS resources should have two Direct Connect connections configured at all times to provide redundancy in case a device is unavailable.

DNS Compliant S3 Bucket Names
AWS Best Practices
S3

Ensure that your AWS S3 buckets are using DNS-compliant bucket names in order to adhere to AWS best practices.

Unrestricted MongoDB (27017) Access
EC2
Security
AWS Best Practices

It is an AWS best practice to remove Security Group entries that allow MongoDB access from public IP addresses, to reduce the possibility of a breach. Allowing unrestricted MongoDB access can increase threats such as hacking, denial-of-service (DoS) attacks and loss of data.