| π AWS Account EBS Volume Encryption Attribute is not enabled in all regions π’ | 1 | π’ x6 |
| π AWS Account Root User has active access keys π’ | 1 | π’ x6 |
| π AWS EFS File System encryption is not enabled π’ | 1 | π’ x6 |
| π AWS IAM User Access Keys are not rotated every 90 days or less π’ | 1 | π’ x6 |
| π AWS IAM User has more than one active access key π’ | 1 | π’ x6 |
| π AWS IAM User with console and programmatic access set during the initial creation π’ | | π’ x3 |
| π AWS KMS Symmetric CMK Rotation is not enabled π’ | 1 | π’ x6 |
| π AWS RDS Instance Encryption is not enabled π’ | 1 | π’ x6 |
| π Azure Diagnostic Setting Logs export to Storage Account not encrypted with Customer-managed key π’ | 1 | π’ x6 |
| π Azure Key Vault Soft Delete and Purge Protection functions are not enabled π’ | 1 | π’ x6 |
| π Azure MySQL Flexible Server require_secure_transport Parameter is not set to ON π’ | 1 | π’ x6 |
| π Azure Non-RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
| π Azure Non-RBAC Key Vault stores Secrets without expiration date π’ | 1 | π’ x6 |
| π Azure RBAC Key Vault stores Keys without expiration date π’ | 1 | π’ x6 |
| π Azure RBAC Key Vault stores Secrets without expiration date π’ | 1 | π’ x6 |
| π Azure SQL Server Transparent Data Encryption Protector is not encrypted with Customer-managed key π’ | 1 | π’ x6 |
| π Azure Storage Account With Critical Data is not encrypted with customer managed key π’ | | π’ x3 |
| π Azure Virtual Machine OS and Data disks are not encrypted with Customer-managed key π’ | 1 | π’ x6 |
| π Unattached Azure Managed Disk is not encrypted with Customer-managed key π’ | 1 | π’ x6 |