diff --git a/src/aws/cis-1.3.0/README.md b/src/aws/cis-1.3.0/README.md index d3f8bdb0..a759cf08 100644 --- a/src/aws/cis-1.3.0/README.md +++ b/src/aws/cis-1.3.0/README.md @@ -53,11 +53,21 @@ Policy Pack based on the [AWS Foundations 1.3.0](https://docs.aws.amazon.com/aud } ``` - +| Rule | Description | +| ------------- | --------------------------------------------------------------------------------------------------------------------------- | +| AWS CIS 1.4 | Ensure no 'root' user account access key exists | +| AWS CIS 1.5 | Ensure MFA is enabled for the 'root user' account | +| AWS CIS 1.6 | Ensure hardware MFA is enabled for the 'root' user account | +| AWS CIS 1.7 | Eliminate use of the root user for administrative and daily tasks | +| AWS CIS 1.8 | Ensure IAM password policy requires minimum length of 14 or greater | +| AWS CIS 1.9 | Ensure IAM password policy prevents password reuse | +| AWS CIS 1.10 | Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password | +| AWS CIS 1.12 | Ensure credentials unused for 90 days or greater are disabled | +| AWS CIS 1.13 | Ensure there is only one active access key available for any single IAM user | +| AWS CIS 1.14 | Ensure access keys are rotated every 90 days or less | +| AWS CIS 1.15 | Ensure IAM Users Receive Permissions Only Through Groups | +| AWS CIS 1.16 | Ensure IAM policies that allow full "*:*" administrative privileges are not attached | +| AWS CIS 1.17 | Ensure a support role has been created to manage incidents with AWS Support | +| AWS CIS 1.19 | Ensure that all the expired SSL/TLS certificates stored in AWS IAM are removed | +| AWS CIS 1.20 | Ensure that S3 Buckets are configured with 'Block public access (bucket settings)' | +| AWS CIS 1.21 | Ensure that IAM Access analyzer is enabled |
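Review bot: the added rule table starts at AWS CIS 1.4 and skips from 1.10 to 1.12 and from 1.17 to 1.19, with nothing saying whether the missing controls are intentionally out of scope or not yet implemented. A reader using this README to judge benchmark coverage could assume the pack checks every section 1 control. Please add a sentence above the table stating that it lists only the rules this pack implements, or list the omitted controls explicitly. Two smaller points in the same table: in the 1.16 row the unescaped "*:*" is likely to be parsed as Markdown emphasis and render as an italic colon, so wrap it in backticks; and the root account is written three ways ('root' user account in 1.4, 'root user' account in 1.5, and unquoted root user in 1.7), which is worth making consistent along with the title-cased description in 1.15.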