💼 2.18 Ensure that IAM External Access Analyzer is enabled for all regions (Automated)

ID: /frameworks/cis-aws-v7.0.0/02/18

Description

Enable IAM External Access Analyzer for all resources in each active AWS region.

IAM Access Analyzer is a service that analyzes resource policies to identify resources that can be accessed from outside the account. After the analyzer is enabled, scan results are displayed in the console showing accessible resources. These results help determine whether unintended access is permitted, making it easier for administrators to monitor least privilege access. Access Analyzer analyzes only policies applied to resources within the same AWS region.

Similar

Sections
- /frameworks/cis-aws-v6.0.0/02/19

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v6.0.0 → 💼 2.19 Ensure that IAM External Access Analyzer is enabled for all regions (Automated)			1		no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 CIS AWS v6.0.0 → 💼 2.19 Ensure that IAM External Access Analyzer is enabled for all regions (Automated)			1		no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢	1	🟢 x6	no data

Description​

Similar​

Similar Sections (Take Policies From)​

Similar Sections (Give Policies To)​

Sub Sections​

Policies (1)​