Usecase Universe

A collective of use cases for DevOps teams

Browse a variety of 300+ predefined templates to automate all your AWS actions

Security

24 Times Used
22 MAY 2019
Default Security Group In Use
Security
EC2
Security

Determines whether any provisioned EC2 instances are associated with default security groups. EC2 instances provisioned in your AWS account should not be associated with the default security groups created alongside your VPCs, so that custom, unique security groups that exercise the principle of least privilege are enforced.

Unrestricted Oracle Database Access (azure)
Network Security
Azure CIS
Security

Sends a report of network security groups that are open to the public via the Oracle port.

EC2 Desired Instance Type
Security
EC2
Security

Checks whether EC2 instances provisioned in your AWS account have the desired instance type(s) established by your organization based on the workload deployed.

Unrestricted PostgreSQL Database Access (azure)
Network Security
Azure CIS
Security

Sends a report of network security groups that are open to the public via the PostgreSQL port.

Unrestricted MySQL Database Access (azure)
Azure CIS
Security
Network Security

Sends a report of the network security groups that are open to the public via the MySQL port.

S3 Bucket Public 'WRITE' Access
S3
Security

Sends a report of all S3 buckets that provide public 'WRITE' access. Providing this access gives unauthorised users the ability to delete, change and add objects in your S3 buckets.

AWS CloudFront Distributions without S3 as an Origin
Security
CloudFront
Security

Sends a report if the origin access identity feature is not enabled for all your AWS CloudFront CDN distributions. With origin access identity enabled, your Amazon CloudFront distributions can be much more cost effective.

Notifies if the Amazon CloudWatch default event bus created within your account allows unknown cross-account event delivery.
CloudWatch
Security
Security
AWS Best Practices

An AWS CloudWatch event bus is a feature that lets AWS accounts share events with each other. Amazon CloudWatch event buses should be configured to allow access only to friendly AWS accounts in order to prevent unauthorized users from sharing their CloudWatch events. It is an AWS best practice to be notified if the Amazon CloudWatch default event bus created within your account allows unknown cross-account event delivery.

Notify if CloudWatch event bus allows access to everyone (*).
CloudWatch
Security
AWS Best Practices
Security

An AWS CloudWatch default event bus is a feature that lets AWS accounts share events with each other. This template notifies you if the CloudWatch default event bus available within your AWS account allows access to everyone (*). It is an AWS best practice to allow only authorized users to send their event data by managing the permissions defined for the default event bus.

Unrestricted HTTP Access
EC2
Security
Security

It is an AWS best practice to be aware of security groups that allow HTTP access from public IPs, to reduce the possibility of a breach. Allowing unrestricted HTTP access can increase threats such as hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted HTTPS Access
EC2
Security
Security
CIS-AWS

It is an AWS best practice to be aware of security groups that allow HTTPS access from public IPs, to reduce the possibility of a breach. Allowing unrestricted HTTPS access can increase threats such as hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted RPC Access
EC2
Security
Security

It is an AWS best practice to be aware of security groups that allow RPC access from public IPs, to reduce the possibility of a breach. Allowing unrestricted RPC access can increase threats such as hacking, denial-of-service (DoS) attacks and loss of data.

Unrestricted DNS Access
EC2
Security
Security

It is an AWS best practice to remove security group entries that allow DNS access from public IPs, to reduce the possibility of a breach. Allowing unrestricted DNS access can increase threats such as denial-of-service (DoS) attacks or distributed denial-of-service (DDoS) attacks.

Redshift Cluster Default Master Username
Security
Security
Amazon Redshift

Sends a report if the default master username is used in the Redshift Cluster. Changing to a custom username enhances the protection of AWS Redshift Clusters against hacking.

S3 Bucket with Public 'READ' Access
Security
Security
S3

Sends a report of S3 buckets that have public 'READ' access.