Finish "Security, Identity & Compliance" rules - Githubissues

pulumi / pulumi-policy-aws

A policy pack of rules to enforce AWS best practices for security, reliability, cost, and more!

https://www.pulumi.com

Apache License 2.0

34 stars 6 forks source link

Finish "Security, Identity & Compliance" rules #14

Open ekrengel opened 4 years ago

ekrengel commented 4 years ago

Tracking Spreadsheet

[ ] access-keys-rotated
[ ] acm-certificate-expiration-check
[ ] cmk-backing-key-rotation-enabled
[ ] fms-shield-resource-policy-check
[ ] fms-webacl-resource-policy-check
[ ] fms-webacl-rulegroup-association-check
[ ] guardduty-enabled-centralized
[ ] iam-group-has-users-check
[ ] iam-password-policy
[ ] iam-policy-blacklisted-check
[ ] iam-policy-no-statements-with-admin-access
[ ] iam-role-managed-policy-check
[ ] iam-root-access-key-check
[ ] iam-user-group-membership-check
[ ] iam-user-mfa-enabled
[ ] iam-user-no-policies-check
[ ] iam-user-unused-credentials-check
[ ] mfa-enabled-for-iam-console-access
[ ] root-account-hardware-mfa-enabled
[ ] root-account-mfa-enabled

Definition of Done:

Written in new API format
Configurable in an exported function - example
Unit tests
Integrations tests