Usecase Universe

A collective of use cases for DevOps teams

Browse a variety of 200+ predefined templates to automate all your AWS actions

Create Template
Solutions
All Categories

Security

24 Times Used
22 MAY 2019
IAM user has console login allowed without MFA
IAM
Security

Sends report of IAM users that has control access but MFA is not enabled

EC2 Desired Instance Type
Security
EC2
Security

Determine if the EC2 instances provisioned in your AWS account have the desired instance type(s) established by your organization based on the workload deployed.

Unrestricted DB Security Group
Security
RDS
Security

To determine if your existing RDS DB security groups allow unrestricted access, AWS RDS DB security groups do not allow access from 0.0.0.0/0 in order to reduce the risk of unauthorized access.

AWS Config Configuration Changes
Security
Config
Security

Send report of all the AWS config changes in your AWS account i.e. if any operations like start/stop/put configuration recorder is performed in your AWS account then this workflow will generate a report of it and send it to your email.

Unrestricted DNS Access
EC2
Security
Security

It is AWS best practice to remove entries in security group which allows DNS access from public IP to reduce possibility of breach. Allowing unrestricted DNS access can increase threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks.

ElastiCache Redis Multi-AZ
ElastiCache
Security
Security

Ensure that your ElastiCache Redis Cache clusters are using a Multi-AZ deployment configuration to enhance High Availability (HA). To determine if your ElastiCache Redis Cache clusters are using a Multi-AZ configuration.

Elasticsearch Cross Account Access
Security
Security
Elasticsearch Service

Sends a report of AWS ElasticSearch domains which allows access to unauthorized cross users. Allowing untrustworthy cross account access to your AWS ES clusters can lead to unauthorized actions such as uploading, downloading and deleting documents without permission.

Unrestricted Default Security Groups - VPC
Security
VPC
Security

Sends a report of VPC's default Security Groups which are allowing inbound traffic from all the ports.

Unrestricted HTTP Access
EC2
Security
Security

It is AWS best practice to get aware of security groups which allows HTTP access from public IP to reduce possibility of breach. Allowing unrestricted HTTP access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

AWS CloudFront Distributions without S3 as an Origin
Security
CloudFront
Security

Sends a report if origin access identity feature is not enabled for all your AWS Cloudfront CDN distributions. With origin access identity enabled, your Amazon Cloudfront distributions can be much more cost effective.

VPC Endpoint Exposed
VPC
Security
Security

Sends a report of all exposed VPC endpoints. Exposed endpoints could lead to security issues due to unauthorised requests made to the supported services.

ElasticSearch Cluster status
Elasticsearch Service
Security
Security

Sends a report of all ElasticSearch Clusters without a healthy status

EC2 Instance In VPC
EC2
Security
Security

Running instances in EC2-VPC instead of EC2-Classic provides better flexibility and control over security, traffic routing and availability.

Unrestricted MongoDB ( 27017) Access
EC2
Security
Security
AWS Best Practices

It is AWS best practice to remove entries in Security Groups which allows MongoDB access from public IP to reduce possibility of breach. Allowing unrestricted MongoDB access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

AWS ACM Certificates with Wildcard Domain Names
Certificate Manager
Security
Security
Operational Excellence

Reports all the ACM Certificates which have Wildcard Domain Names.