Usecase Universe

A collective of use cases for DevOps teams

Browse a variety of 300+ predefined templates to automate all your AWS actions


Security

24 Times Used
22 MAY 2019
Default Security Group In Use
Security
EC2
Security

Determines whether any provisioned EC2 instances are associated with default security groups. The intent is that EC2 instances provisioned in your AWS account are not associated with the default security groups created alongside your VPCs, which enforces the use of custom and unique security groups that exercise the principle of least privilege.

EC2 Desired Instance Type
Security
EC2
Security

EC2 instances provisioned in your AWS account have the desired instance type(s) established by your organization based on the workload deployed.

AWS CloudFront Distributions without S3 as an Origin
Security
CloudFront
Security

Sends a report if the origin access identity feature is not enabled for all your AWS CloudFront CDN distributions. With origin access identity enabled, your Amazon CloudFront distributions can be much more cost effective.

Notifies if the Amazon CloudWatch default event bus created within your account allows unknown cross-account event delivery.
CloudWatch
Security
Security
AWS Best Practices

An AWS CloudWatch event bus is a feature that lets AWS accounts share events with each other. Amazon CloudWatch event buses are configured to allow access only to friendly AWS accounts in order to prevent unauthorized users from sharing their CloudWatch events. It is an AWS best practice to be notified if the Amazon CloudWatch default event bus created within your account allows unknown cross-account event delivery.

Notify if CloudWatch event bus allows access to everyone (*).
CloudWatch
Security
AWS Best Practices
Security

An AWS CloudWatch default event bus is a feature that lets AWS accounts share events with each other. This template notifies you if the CloudWatch default event bus available within your AWS account allows access to everyone (*). It is an AWS best practice to allow only authorized users to send their event data by managing the permissions defined for the default event bus.

Unrestricted CIFS (TCP 445) Access
EC2
Security

It is an AWS best practice to remove entries in security groups that allow CIFS access from public IP, to reduce the possibility of a breach. Allowing unrestricted CIFS access can increase threats such as man-in-the-middle (MITM) attacks, Denial of Service (DoS) attacks or the Windows Null Session Exploit.

Unrestricted HTTP (80) Access
EC2
Security

It is an AWS best practice to remove entries in security groups that allow HTTP from public IP, to reduce the possibility of a breach. Allowing unrestricted HTTP access can increase opportunities for malicious activity such as hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted HTTP Access
EC2
Security
Security

It is an AWS best practice to be aware of security groups that allow HTTP access from public IP, to reduce the possibility of a breach. Allowing unrestricted HTTP access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted HTTPS Access
EC2
Security
Security
CIS-AWS

It is an AWS best practice to be aware of security groups that allow HTTPS access from public IP, to reduce the possibility of a breach. Allowing unrestricted HTTPS access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Remove Entries in Security Group Which Allow HTTPS Access on Public IP
EC2
Security

It is an AWS best practice to remove entries in security groups that allow HTTPS access from public IP, to reduce the possibility of a breach. Allowing unrestricted HTTPS access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Remove Entries in Security Groups Which Allow RPC (TCP Port 135) Access From Public IP
EC2
Security
Remediation

It is an AWS best practice to remove entries in security groups that allow RPC access from public IP, to reduce the possibility of a breach. Allowing unrestricted RPC access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted RPC Access
EC2
Security
Security

It is an AWS best practice to be aware of security groups that allow RPC access from public IP, to reduce the possibility of a breach. Allowing unrestricted RPC access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted RDP (3389) Access
EC2
Security

It is an AWS best practice to remove entries in security groups that allow RDP access from public IP, to reduce the possibility of a breach. Allowing unrestricted RDP access can increase threats like hacking, denial-of-service (DoS) attacks and loss of data.

Remove Entries in Security Groups Which Allow DNS (TCP Port 53 and UDP Port 53) Access From Public IP
EC2
Security

It is an AWS best practice to remove entries in security groups that allow DNS access from public IP, to reduce the possibility of a breach. Allowing unrestricted DNS access can increase threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks.

Unrestricted DNS Access
EC2
Security
Security

It is an AWS best practice to remove entries in security groups that allow DNS access from public IP, to reduce the possibility of a breach. Allowing unrestricted DNS access can increase threats such as Denial of Service (DoS) attacks or Distributed Denial of Service (DDoS) attacks.