aws-guard-rules-registry

aws-guard-rules-registry copied to clipboard

(rules): Create an AWS Foundational Security Best Practices (FSBP) rule set

2

### Description Security Hub has the AWS Foundational Security Best Practices standard: https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html It would be nice if there was a rule set for this standard too ### Use Case...

benbridts

fix: syntax error

2

Note that this leads to tests failing (so there are probably logic errors too) see also https://github.com/aws-cloudformation/aws-guard-rules-registry/pull/228 --- *By submitting this pull request, I confirm that my contribution is made...

benbridts

feat(rules): add (limited) deprecation rules

1

- Allow Origin Access Control in addition to Origin Access Identity - Add rule for Origin Access Identity deprecation Submitting as draft, because I'm having trouble running tests locally (even...

benbridts

Add [dynamodb_throughput_limit_check](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/dynamodb/dynamodb_throughput_limit_check.guard) cfn-guard rule for AWS Config managed rule [dynamodb-throughput-limit-check](https://docs.aws.amazon.com/config/latest/developerguide/dynamodb-throughput-limit-check.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [dynamodb_in_backup_plan](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/dynamodb/dynamodb_in_backup_plan.guard) cfn-guard rule for AWS Config managed rule [dynamodb-in-backup-plan](https://docs.aws.amazon.com/config/latest/developerguide/dynamodb-in-backup-plan.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [dynamodb_resources_protected_by_backup_plan](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/dynamodb/dynamodb_resources_protected_by_backup_plan.guard) cfn-guard rule for AWS Config managed rule [dynamodb-resources-protected-by-backup-plan](https://docs.aws.amazon.com/config/latest/developerguide/dynamodb-resources-protected-by-backup-plan.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [dax_encryption_enabled](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/dax/dax_encryption_enabled.guard) cfn-guard rule for AWS Config managed rule [dax-encryption-enabled](https://docs.aws.amazon.com/config/latest/developerguide/dax-encryption-enabled.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [autoscaling_group_elb_healthcheck_required](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/amazon_ec2_auto_scaling/autoscaling_group_elb_healthcheck_required.guard) cfn-guard rule for AWS Config managed rule [autoscaling-group-elb-healthcheck-required](https://docs.aws.amazon.com/config/latest/developerguide/autoscaling-group-elb-healthcheck-required.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [autoscaling_launch_config_public_ip_disabled](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/amazon_ec2_auto_scaling/autoscaling_launch_config_public_ip_disabled.guard) cfn-guard rule for AWS Config managed rule [autoscaling-launch-config-public-ip-disabled](https://docs.aws.amazon.com/config/latest/developerguide/autoscaling-launch-config-public-ip-disabled.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston

Add [secretsmanager_scheduled_rotation_success_check](https://github.com/aws-cloudformation/aws-cloudformation-guard-rules-registry/blob/main/rules/aws/secrets_manager/secretsmanager_scheduled_rotation_success_check.guard) cfn-guard rule for AWS Config managed rule [secretsmanager-scheduled-rotation-success-check](https://docs.aws.amazon.com/config/latest/developerguide/secretsmanager-scheduled-rotation-success-check.html). 1. Determine if AWS Config rule can be represented as an AWS cfn-guard rule 2. Develop cfn-guard rule in file...

grolston