{
    "rules": {
        "iam-user-with-policies.json": [
            {
                "comment": "Recommendation1.15 (part 1/2)",
                "enabled": true,
                "args": [
                    "inline",
                    "inline_policies"
                ],
                "level": "danger"
            },
            {
                "comment": "Recommendation1.15 (part 2/2)",
                "enabled": true,
                "args": [
                    "managed",
                    "policies"
                ],
                "level": "danger"
            }
        ],
        "iam-password-policy-no-uppercase-required.json": [
            {
                "comment": "recommendation1.5",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-password-policy-reuse-enabled.json": [
            {
                "comment": "recommendation1.10",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-password-policy-expiration-threshold.json": [
            {
                "comment": "recommendation1.11",
                "enabled": true,
                "args": [
                    "90"
                ],
                "level": "danger"
            }
        ],
        "iam-root-account-used-recently.json": [
            {
                "comment": "recommendation1.1",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-password-policy-no-number-required.json": [
            {
                "comment": "recommendation1.8",
                "enabled": true,
                "level": "danger"
            }
        ],
        "cloudtrail-no-logging.json": [
            {
                "comment": "Recommendation2.1 (part 2/2)",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-user-without-mfa.json": [
            {
                "comment": "recommendation1.2",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-password-policy-minimum-length.json": [
            {
                "comment": "recommendation1.9",
                "enabled": true,
                "args": [
                    "14"
                ],
                "level": "danger"
            }
        ],
        "ec2-default-security-group-with-rules.json": [
            {
                "comment": "Recommendation4.4",
                "enabled": true,
                "level": "warning"
            }
        ],
        "iam-root-account-with-active-keys.json": [
            {
                "comment": "recommendation1.12",
                "enabled": true,
                "level": "danger"
            }
        ],
        "cloudtrail-not-configured.json": [
            {
                "comment": "Recommendation2.1 (part 1/2)",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-user-no-key-rotation.json": [
            {
                "comment": "recommendation1.4",
                "enabled": true,
                "args": [
                    "Active",
                    "90"
                ],
                "level": "danger"
            }
        ],
        "iam-password-policy-no-symbol-required.json": [
            {
                "comment": "recommendation1.7",
                "enabled": true,
                "level": "danger"
            }
        ],
        "iam-root-account-no-mfa.json": [
            {
                "comment": "recommendation1.13 (partial: no check for hardware vs software)",
                "enabled": true,
                "level": "danger"
            }
        ],
        "ec2-security-group-opens-known-port-to-all.json": [
            {
                "comment": "Recommendation4.1",
                "enabled": true,
                "args": [
                    "SSH",
                    "TCP",
                    "22"
                ],
                "level": "danger"
            },
            {
                "comment": "Recommendation4.2",
                "enabled": true,
                "args": [
                    "RDP",
                    "TCP",
                    "3389"
                ],
                "level": "danger"
            }
        ],
        "iam-password-policy-no-lowercase-required.json": [
            {
                "comment": "recommendation1.6",
                "enabled": true,
                "level": "danger"
            }
        ]
    },
    "about": "This ruleset attempts to cover as many recommendations as possible from the CIS Amazon Web Services Foundations Benchmark v1.0.0 - 02-29-2016. However, Scout2 does not fetch data from CloudWatch. As a result, no recommendations from section 3 \"Monitoring\" are assessed. Furthermore, this ruleset is a work in progress and coverage of sections 1, 2, and 4 is incomplete, so a report with no findings does not by itself demonstrate compliance with the benchmark."
}
