Skip to main content

💼 System Configuration

  • ID: /frameworks/cloudaware/resource-reliability/system-configuration

Description

Policies for identifying improper or undesirable resource configuration to ensure reliability.

Similar

Sub Sections

SectionSub SectionsInternal RulesPoliciesFlagsCompliance

Policies (45)

PolicyLogic CountFlagsCompliance
🛡️ AWS Account Config is not enabled in all regions🟢1🟢 x6no data
🛡️ AWS Account IAM Access Analyzer is not enabled for all regions🟢1🟢 x6no data
🛡️ AWS Athena Workgroup CloudWatch Metrics are not enabled🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses default SSL/TLS certificate🟢1🟢 x6no data
🛡️ AWS CloudFront Web Distribution uses Dedicated IP for SSL🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group behind ELB assigns public IP to instances🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group behind ELB doesn't use ELB health check🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group Capacity Rebalancing is not enabled🟢1🟢 x6no data
🛡️ AWS EC2 Auto Scaling Group does not span multiple Availability Zones🟢1🟢 x6no data
🛡️ AWS EC2 Instance Detailed Monitoring is not enabled🟢1🟢 x6no data
🛡️ AWS EC2 Instance with an auto-assigned public IP address is in a default subnet🟢1🟢 x6no data
🛡️ AWS EC2 Instance without a public IP address is in a public subnet🟢1🟢 x6no data
🛡️ AWS ECR Repository Image Tag Mutability is set to Mutable🟢1🟢 x6no data
🛡️ AWS EKS Cluster has node IAM role with AmazonEKS_CNI_Policy attached🔴🟢1🔴 x1, 🟢 x6no data
🛡️ AWS Elastic Beanstalk Environment does not have enhanced health reporting enabled🟢1🟢 x6no data
🛡️ AWS ELB Load Balancer Cross-Zone Load Balancing is not enabled🟢1🟢 x6no data
🛡️ AWS ELB Load Balancer is not registered to multiple Availability Zones🟢1🟢 x6no data
🛡️ AWS RDS Aurora Cluster access is not consistent🟢1🟢 x6no data
🛡️ AWS RDS Instance Multi-AZ Deployment is not enabled🟢1🟢 x6no data
🛡️ AWS S3 Bucket Object Lock is not enabled🟠🟢1🟠 x1, 🟢 x6no data
🛡️ AWS S3 Bucket Versioning is not enabled🟢1🟢 x6no data
🛡️ AWS VPC Network ACL is unused🟢1🟢 x6no data
🛡️ AWS VPC VPN Connection does not have both Tunnels up🟢1🟢 x6no data
🛡️ Azure App Service Authentication is disabled and Basic Authentication is enabled🟢1🟢 x6no data
🛡️ Azure Databricks Diagnostic Log Delivery is not configured🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Storage Account uses Locally Redundant Storage replication option🟢1🟢 x6no data
🛡️ Azure Subscription Resources Basic SKU is used for production workloads🟢⚪🟢 x2, ⚪ x1no data
🛡️ Azure Virtual Machine is not utilizing Managed Disks🟢1🟢 x6no data
🛡️ Google Cloud Asset Inventory API is not enabled🟢1🟢 x6no data
🛡️ Google Cloud DNS Managed Zone DNSSEC is not enabled🟢1🟢 x6no data
🛡️ Google Cloud MySQL Instance Local_infile Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_error_verbosity Database Flag is not set to DEFAULT or stricter🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance cloudsql.enable_pgaudit Database Flag is not set to on🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance log_temp_files Database Flag is not set to 0🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_checkpoints Database Flag is not set to On🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_connections Database Flag is not set to On🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_disconnections Database Flag is not set to On🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_min_error_statement Database Flag is not set to Error or stricter🟢1🟢 x6no data
🛡️ Google Cloud PostgreSQL Instance Log_min_messages Database Flag is not set at minimum to Warning🟢1🟢 x6no data
🛡️ Google Cloud SQL Instance Automated Backups are not configured🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance cross db ownership chaining Database Flag is not set to off🟢1🟢 x6no data
🛡️ Google Cloud SQL Server Instance user connections Database Flag is set to a limiting (other than 0) value🟢1🟢 x6no data
🛡️ Google GKE Cluster Alias IP is disabled🟢1🟢 x6no data
🛡️ Google GKE Cluster Alpha cluster features are enabled🟢1🟢 x6no data
🛡️ Google GKE Cluster Node Pool Auto-Repair is disabled🟢1🟢 x6no data