packages/wiz/_dev/deploy/docker/files/config-cloud_configuration_finding_full_posture.yml
Lines changed: 4 additions & 4 deletions
@@ -47,10 +47,10 @@ rules:
47
47
},
48
48
"result": "PASS",
49
49
"rule": {
50
-
"description": "This rule checks if the AWS Root Account has access keys. \nThis rule fails if `AccountAccessKeysPresent` is not set to `0`. Note that it does not take into consideration the status of the keys if present. \nThe root account should avoid using access keys. Since the root account has full permissions across the entire account, creating access keys for it increases the chance that they will be compromised. Instead, it is recommended to create IAM users with predefined roles.\n>**Note** \nSee Cloud Configuration Rule `IAM-207` to see if the Root account's access keys are active.",
50
+
"description": "description",
51
51
"id": "563ed717-4fb6-47fd-929e-9c794e201d0a",
52
52
"name": "Root account access keys should not exist",
53
-
"remediationInstructions": "Perform the following steps, while being signed in as the Root user, in order to delete the root user's access keys via AWS CLI: \n1. Use the following command to list the Root user's access keys. \nCopy the `AccessKeyId` from the output and paste it into the `access-key-id` value in the next step. \n```\naws iam list-access-keys\n```\n2. Use the following command to delete the access key(s). \n```\naws iam delete-access-key /\n --access-key-id <value>\n```\n>**Note** \nOnce an access key is removed, any application using it will not work until a new one is configured for it.",
53
+
"remediationInstructions": "instructions",
54
54
"shortId": "IAM-006"
55
55
},
56
56
"severity": "MEDIUM"
@@ -102,10 +102,10 @@ rules:
102
102
},
103
103
"result": "PASS",
104
104
"rule": {
105
-
"description": "This rule checks if the Virtual Machine (VM) is stopped (and not deallocated) for at least a week. \nThis rule fails if `code: PowerState/stopped` and the timestamp was more than 7 days ago. \nWhen you are logged in to the operating system of an Azure VM, you can issue a command to shut down the server (or via Azure CLI). This will kick you out of the OS and stop all processes but will maintain the allocated hardware (including the IP addresses currently assigned). If you find the VM in the Azure console, you will see the state listed as `Stopped`. The biggest thing you need to know about this state is that **you are still being charged by the hour for this instance**. \nFor cost optimization and management purposes, it is recommended to deallocate (charges no longer apply) VMs that have been stopped for more than a week.",
105
+
"description": "description",
106
106
"id": "56c8890d-ad68-4659-9414-fb0ed7258c31",
107
107
"name": "Virtual Machine should not be stopped (allocated) for more than a week",
108
-
"remediationInstructions": "Perform the following command to deallocate the VM via Azure CLI:\n```\naz vm deallocate\n```",