aws-cloudformation / aws-guard-rules-registry

Rules Registry for Compliance Frameworks
Apache License 2.0

feat: new guard rules #233

Closed grolston closed 1 year ago

grolston commented 1 year ago

Issue #, if available: closes #84 closes #10 closes #59 closes #131 closes #54 closes #52 closes #14 closes #55 closes #16 closes #135 closes #83 closes #82 closes #53 closes #89 closes #104

Description of changes: Adding in a series of new guard rules that are best-effort mapped to AWS Config rules. Rules include:

  1. autoscaling_launch_config_disabled
  2. emr_kerberos_enabled
  3. fsx_resources_protected_by_backup
  4. sagemaker_endpoint_configuration_kms_key_configured
  5. sagemaker_notebook_instance_kms_key_configured
  6. sagemaker_notebook_no_direct_internet_access
  7. sns_encrypted_kms
  8. cmk_backing_key_rotation_enabled
  9. codebuild_project_envvar_awscred_check
  10. codebuild_project_source_repo_url_check
  11. dax_encryption_enabled
  12. dynamodb_table_encrypted_kms
  13. elasticache_redis_cluster_automatic_backup_check
  14. secretsmanager_rotation_enabled_check
  15. secretsmanager_using_cmk

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license