Defendable design for AWS
Initial release v0.1.0
The initial release of the Defendable Design pattern for AWS enables AWS Config and configures five AWS Config Rules.
- AWS rule: Validates that CloudTrail is enabled.
- AWS rule: Validates that an IAM Password Policy is configured.
- Custom rule: Checks for dangerous security group rules which open prohibited ports to the internet.
  - Supports automatic remediation of dangerous changes.
- AWS rule: Checks for S3 buckets with public read permissions.
- AWS rule: Checks for S3 buckets with public write permissions.
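
The check behind the custom security group rule listed above, sketched as an added example (not the project's own code): it flags ingress rules that expose a prohibited port to 0.0.0.0/0 or ::/0. The port set and function names are assumptions, and the input uses the EC2 DescribeSecurityGroups response shape.

```python
import ipaddress

# Assumption: the page does not list the prohibited ports; these are illustrative.
PROHIBITED_PORTS = {22, 3389}

def _is_internet(cidr):
    """True when the CIDR covers every address (0.0.0.0/0 or ::/0)."""
    return ipaddress.ip_network(cidr, strict=False).prefixlen == 0

def dangerous_rules(security_group, prohibited=PROHIBITED_PORTS):
    """Return (protocol, port, cidr) per prohibited port open to the internet.
    Input uses the shape returned by EC2 DescribeSecurityGroups."""
    findings = []
    for perm in security_group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        if proto == "-1":                      # all protocols, all ports
            lo, hi = 0, 65535
        elif proto in ("tcp", "udp"):
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
        else:                                  # icmp etc. carry no ports
            continue
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in filter(_is_internet, cidrs):
            for port in sorted(p for p in prohibited if lo <= p <= hi):
                findings.append((proto, port, cidr))
    return findings

def compliance(security_group):
    """Map findings to the AWS Config compliance values."""
    return "NON_COMPLIANT" if dangerous_rules(security_group) else "COMPLIANT"

# Constructed sample input, not taken from a real account.
SAMPLE_SG = {
    "GroupId": "sg-0123456789abcdef0",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 20, "ToPort": 25,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]},
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    ],
}
```

The port-range and all-protocol (`-1`) cases matter because a rule can expose a prohibited port without naming it directly.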