10
Resources
9
Total Findings
29
Rules Executed
56
Unique Rules
0
Exception
11.329s
Timespent
Summary
EC2 Instance Utilization
Filter
EBSSnapshotDeletedVolume
Cost Optimization- Description
- Snapshot from Deleted Volume: You have EBS snapshots retained from deleted volumes. Use Data Lifecycle Manager to manage them.
- Resources
- ap-southeast-1: EBS::Snapshots
- Recommendation
- Best practices for Amazon EBS Snapshot Management
SGAllPortOpen
Security- Description
- All Ports Open: 2 of security group has all ports open. It is recommended to open only specific ports that are required.
- Resources
- ap-southeast-1: SG::sg-34753642
- us-east-1: SG::sg-9b3e45a4
- Recommendation
- Best practices for Amazon EC2
SGEncryptionInTransit
Security- Description
- Encryption In Transit: 2 of security group has ports enabled without encryption in transit. It is recommended to use ports with encryption in transit
- Resources
- ap-southeast-1: SG::sg-34753642
- us-east-1: SG::sg-9b3e45a4
- Recommendation
- Data protection in Amazon EC2
SGDefaultDisallowTraffic
Security- Description
- Default Security Group with Rules: 2 of default security group have rules. Remove rules in default security group
- Resources
- ap-southeast-1: SG::sg-34753642
- us-east-1: SG::sg-9b3e45a4
- Recommendation
- VPC default security group rules
VPCFlowLogEnabled
Security- Description
- You have 2 VPC has not enable VPC Flow Log. VPC Flow Log provide visibility into network traffic that traverses the VPC.
- Resources
- ap-southeast-1: VPC::vpc-0229dd64
- us-east-1: VPC::vpc-8d976df0
- Label
- Cost Incurred
- Recommendation
- Amazon Elastic Compute Cloud controls
Detail
ap-southeast-1
1. Snapshots
| Check | Current Value | Recommendation |
|---|---|---|
| EBSSnapshotDeletedVolume | snap-0c75e20ba764bba09 | Use Data Lifecycle Manager to manage snapshot |
2. sg-34753642
| Check | Current Value | Recommendation |
|---|---|---|
| SGAllPortOpen | -1 | All ports open. |
| SGEncryptionInTransit | All port allowed | Encryption in Transit |
| SGDefaultDisallowTraffic | Default Security Group with Rules |
3. vpc-0229dd64
| Check | Current Value | Recommendation |
|---|---|---|
| VPCFlowLogEnabled | vpc-0229dd64 | Enable VPC Flow Log |
us-east-1
4. sg-9b3e45a4
| Check | Current Value | Recommendation |
|---|---|---|
| SGAllPortOpen | -1 | All ports open. |
| SGEncryptionInTransit | All port allowed | Encryption in Transit |
| SGDefaultDisallowTraffic | Default Security Group with Rules |
5. vpc-8d976df0
| Check | Current Value | Recommendation |
|---|---|---|
| VPCFlowLogEnabled | vpc-8d976df0 | Enable VPC Flow Log |