AWS Security Configuration Policy

Open Raven provides a set of default Policy Sets. The AWS Security Configuration Policy is a list of Rules that check basic AWS security configuration settings.

| Rule Name | Description |
| --- | --- |
| Internet wide AWS security groups | AWS security groups should not have wildcards and be open to the world. |
| Open S3 buckets | S3 buckets should not be made public to the Internet. |
| Open Elastic Search servers | Elasticsearch servers should not be made public to the Internet. |
| MFA enabled | Multi-Factor Authentication should be required for all access by admins to any asset. |
| Delete protection | Delete protection should be enabled on all data stores. |