Home
Security Hardening
CIS Amazon Web Services Three Tier Web Architecture L1 1.0.0

CIS Amazon Web Services Three Tier Web Architecture L1 1.0.0

Ensure all Customer owned Amazon Machine Images for Application Tier are not shared publicly
Details Amazon Machine Images are an exact duplicate of the instance they were created from and will allow anyone with...
Ensure all Customer owned Amazon Machine Images for Web Tier are not shared publicly
Details Amazon Machine Images (AMI) are an exact duplicate of the instance they were created from and will allow anyone...
Ensure all EBS volumes for App-Tier are encrypted
Details Elastic Block Storage (EBS) volumes can be encrypted using AWS Key Management Service (KMS). In this configuration, encryption and...
Ensure all EBS volumes for Web-Tier are encrypted
Details Elastic Block Storage (EBS) volumes can be encrypted using AWS Key Management Service (KMS). In this configuration, encryption and...
Ensure all resources are correctly tagged
Details Tags enable customers to categorize AWS resources in different ways, for example, by purpose, owner, or environment. Each tag...
Ensure all S3 buckets have policy to require server-side and in transit encryption for all objects stored in bucket.
Details Data in transit is data being accessed over the network, and therefore could be intercepted by someone else on...
Ensure an agent for AWS Cloudwatch Logs is installed within Auto-Scaling Group for Web-Tier
Details You can use CloudWatch Logs to monitor, store and access log files from an Amazon EC2 instance (application or...
Ensure an IAM group for administration purposes is created
Details An IAM group is a collection of IAM users. You can use groups to specify permissions for a collection...
Ensure an IAM policy that allows admin privileges for all services used is created – Policy Exist
Details A policy is a document that formally states one or more permissions. Managed policies are standalone policies that you...
Ensure an IAM policy that allows admin privileges for all services used is created – Review Policy Document
Details A policy is a document that formally states one or more permissions. Managed policies are standalone policies that you...

CIS Amazon Web Services Three Tier Web Architecture L1 1.0.0

Ensure all Customer owned Amazon Machine Images for Application Tier are not shared publicly

Ensure all Customer owned Amazon Machine Images for Web Tier are not shared publicly

Ensure all EBS volumes for App-Tier are encrypted

Ensure all EBS volumes for Web-Tier are encrypted

Ensure all resources are correctly tagged

Ensure all S3 buckets have policy to require server-side and in transit encryption for all objects stored in bucket.

Ensure an agent for AWS Cloudwatch Logs is installed within Auto-Scaling Group for Web-Tier

Ensure an IAM group for administration purposes is created

Ensure an IAM policy that allows admin privileges for all services used is created – Policy Exist

Ensure an IAM policy that allows admin privileges for all services used is created – Review Policy Document