| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [DMS.1] Database Migration Service replication instances should not be public | | 1 | 1 | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [EMR.1] Amazon EMR cluster primary nodes should not have public IP addresses | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [ES.2] Elasticsearch domains should not be publicly accessible | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Opensearch.2] OpenSearch domains should not be publicly accessible | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.1] RDS snapshot should be private | | 1 | 1 | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [RDS.2] RDS DB Instances should prohibit public access, as determined by the PubliclyAccessible configuration | | 1 | 1 | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [Redshift.1] Amazon Redshift clusters should prohibit public access | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.1] S3 general purpose buckets should have block public access settings enabled | | | 1 | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.2] S3 general purpose buckets should block public read access | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [S3.3] S3 general purpose buckets should block public write access | | | | |
| 💼 AWS Foundational Security Best Practices v1.0.0 → 💼 [SageMaker.1] Amazon SageMaker AI notebook instances should not have direct internet access | | | | |
| 💼 PCI DSS v4.0 → 💼 1.4.4 System components that store cardholder data are not directly accessible from untrusted networks. | | | 6 | |