Better Benchmark Coverage v0.2.2

This release includes all Level 1 and Level 2 CloudTrail alarms, recommended by the CIS AWS Foundations Benchmark.

Bug fix - v0.2.1

This release fixes a bug with the bucket policy remediation function.

S3 Remediation, Slack Integration v0.2.0

This release includes major changes:

• Auto-remediation for S3 public buckets
• Slack integration
  
• The directory structure has been updated for clarity
• CloudTrail is now enabled automatically
• CloudTrail Monitoring alerts

Support for remote state storage v0.1.2

This release enables remote Terraform state storage using the S3 backend.

Naming convention updates v0.1.1

Under-the-hood naming convention updates and additional comments.

Defendable design for AWS initial release v0.1.0

Defendable design for AWS

Initial release v0.1.0

The initial release of the Defendable Design pattern for AWS enables AWS Config and configures five AWS Config Rules.

• Check-CloudTrail-Enabled
  • AWS rule: Validates that CloudTrail is enabled.
• Check-IAM-PasswordPolicy
  • AWS rule: Validates that an IAM Password Policy is configured.
• Check-EC2-OpenPorts
  • Custom rule: Checks for dangerous security group rules which open prohibited ports to the internet.
  • Supports automatic remediation of dangerous changes
• Check-S3-PublicRead
  • AWS rule: Checks for S3 buckets with public read permissions
• Check-S3-PublicWrite
  • AWS rule: Checks for S3 buckets with public write permissions