The HIPAA Security Rule ensures patients and their Protected Health Information (ePHI) are protected, as well as healthcare facilities and health insurance providers.
To read more about HIPAA security rule, please visit HIPAA home page .

HIPAA non-compliance issues (214)
Severity Non-Compliance Region Resource Issue Remediation Read more Action
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-east-1 vol-004919a0d32e05d34 No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-east-1 vol-074257a397fadc9ec No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-1 sg-0be4454dc243daa89 Default security group with 2 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-1 sg-0cf4e19eb2fc096da Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-1 sg-0f1857e87433d40ce Default security group with 2 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-2 sg-0350acc1c67617b6d Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-2 sg-071bb37c316ae7808 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-2 sg-0a8cef89f1e98930c Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-2 sg-0cbbda7c Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-east-2 sg-0fa59556ef2020a9e Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-west-1 sg-f46b0b82 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-west-2 vol-05830c14eadc21ea2 No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-west-2 vol-06d98619c32de5968 No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-west-2 vol-0ee3ff4a2100dc2f3 No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-west-2 vol-0dbacadab7b315e80 No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Medium CIS 2.2.1 PCI DSS 3.5 HIPAA (Encryption) us-west-2 vol-0987ccd97176d01ee No EBS encryption found. Enable EBS encryption, either using encryption by default or by enabling encryption when you create a volume that you want to encrypt. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-west-2 sg-08a4e95779202da87 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-west-2 sg-0d2059d6f62212dde Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-west-2 sg-0d21142c1e8c610f7 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) us-west-2 sg-b7f7f595 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ap-south-1 sg-3d5f1d44 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ap-northeast-2 sg-34ef8e4c Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ap-southeast-1 sg-7ffd8e36 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ap-southeast-2 sg-a4bacfef Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ap-northeast-1 sg-68a91027 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) ca-central-1 sg-19392c7e Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) eu-central-1 sg-577d7728 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) eu-west-1 sg-d77d858c Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) eu-west-2 sg-dc55b6a4 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) eu-west-3 sg-48a3d32a Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) eu-north-1 sg-3e01de5d Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
EC2 Low CIS 5.4 PCI DSS (Networking) HIPAA (Networking) sa-east-1 sg-07b33375 Default security group with 1 inbound and 1 outbound rules. Review inbound and outbound rules for any default security group. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-1 vpc-07f3b77c454b3c310 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-1 vpc-071a12f8ec7613303 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-1 vpc-073764f023b9a5efc VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-2 vpc-02585025ab31219f8 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-2 vpc-0d6a54312c6027726 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-east-2 vpc-0c15019aee6c8423e VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-west-1 vpc-72ea2314 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-west-2 vpc-033848556cef01aca VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-west-2 vpc-0ed42ee2ea7505377 VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
VPC Medium CIS 3.9 PCI DSS 10.2 HIPAA (Audit) us-west-2 vpc-05461e6842795a02d VPC Flow Logs are disabled. Ensure VPC flow logging is enabled in all VPCs. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 cf-templates-lqa4fy3xqyy2-us-west-2 Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 cf-templates-lqa4fy3xqyy2-us-west-2 Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 elasticbeanstalk-us-east-1-531239714189 Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.1 PCI DSS 3.5 HIPAA (Encryption) us-east-1 elasticbeanstalk-us-east-1-531239714189 Amazon S3 bucket server-side encryption is disabled. Enable server-side encryption for S3 buckets to protect your data. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 elasticbeanstalk-us-east-1-531239714189 Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 test-collector Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 test-collector Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 test-resources Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 test-resources Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 test-scanner Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 test-scanner Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
S3 Low PCI DSS 10.2 HIPAA (Audit) us-east-1 test-update Amazon S3 server access logging is disabled. Enable S3 access logging for detailed records for the requests that are made to a bucket. The access log information can be useful in security and access audits. More info
S3 Medium CIS 2.1.2 PCI DSS 4.2 HIPAA (Encryption) us-east-1 test-update Amazon S3 bucket policy was not found. Add S3 bucket policy to require encryption during data transit. To be compliant, the policy should explicitly deny access to HTTP requests. More info
RDS Critical PCI DSS 3.5 HIPAA (Encryption) us-east-1 database-1-final-snapshot RDS DB snapshot has no encryption. To ensure the data is encrypted at rest, copy the non-encrypted snapshot into a new one. Select Enable Encryption option to make sure the copy is encrypted. More info
RDS Critical PCI DSS 3.5 HIPAA (Encryption) us-east-1 test RDS DB snapshot has no encryption. To ensure the data is encrypted at rest, copy the non-encrypted snapshot into a new one. Select Enable Encryption option to make sure the copy is encrypted. More info
Simple Email Service Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 inbox-rule SES ruleset does not encrypt your emails before saving them to the Amazon S3 bucket Edit the rule and enable email encryption for the S3 action. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-east-1 my-k8s-cluster Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-east-1 test-cluster Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-east-2 scan-my-fargatecluster Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-east-2 rony-slim-and-mean Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-east-2 ronyfargatefeb3rd531 Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-west-2 rony-fargate-west2 Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-west-2 rony-west2test-cluster Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) us-west-2 test-fargate-west2 Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
EKS Low PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 my-new-cluster Amazon EKS control plane logging is disabled for scheduler, api, authenticator, controllerManager, audit. Enable control plane logs to be sent to CloudWatch Logs. These logs will make it easy for you to secure and run your clusters. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-east-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-east-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-east-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-east-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-east-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-east-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-east-2 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-east-2 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-east-2 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-east-2 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-east-2 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-east-2 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-west-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-west-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-west-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-west-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-west-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-west-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-west-2 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-west-2 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-west-2 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) us-west-2 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) us-west-2 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) us-west-2 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-south-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-south-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-south-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-south-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-south-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-south-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-northeast-2 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-southeast-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-southeast-2 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ap-northeast-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ca-central-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ca-central-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ca-central-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) ca-central-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) ca-central-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) ca-central-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-central-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-central-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-central-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-central-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-central-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-central-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-2 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-2 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-2 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-2 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-2 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-2 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-3 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-3 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-3 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-west-3 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-west-3 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-west-3 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-north-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-north-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-north-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) eu-north-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) eu-north-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) eu-north-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) sa-east-1 my-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) sa-east-1 my-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) sa-east-1 my-trail S3 bucket "prevasio-test-bucket" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudTrail Critical PCI DSS 10.2 HIPAA (Audit) sa-east-1 test-trail CloudTrail logs are not being delivered. The latest delivery attempt produced an error "NoSuchBucket". Check out your CloudTrail configuration to make sure the logs are being delivered. More info
CloudTrail Informational PCI DSS 10.2 HIPAA (Audit) sa-east-1 test-trail Logging data events for trails is disabled. Data events provide visibility into the resource operations performed on or within a resource. Please note that additional charges apply for logging data events. More info
CloudTrail Low CIS 3.6 PCI DSS 10.2 HIPAA (Audit) sa-east-1 test-trail S3 bucket "aws-cloudtrail-logs-531239714189-8b5cd0ac" is used by CloudTrail and has Server access logging disabled. Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-collector:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-responder:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-scanner:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-1 /aws/lambda/test-scheduler:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/codebuild/InlineSecureScanning:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/eks/beautiful-outfit-1611727262/cluster:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/lambda/HelloWorldFunction:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /aws/transfer/s-4ab6146e87334a43a:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /ecs/console-sample-app-static:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-east-2 /ecs/first-run-task-definition:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-1 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-1 /aws/lambda/test:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/Sophos-Optix-cloudtrail-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/Sophos-Optix-flowlogs-fn:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/SophosOptixRegionalResourcesLambda:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/lambda/my-function:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 /aws/transfer/s-3d3e19784f014b1a9:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 aws-cloudtrail-logs-531239714189-58a7e086:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 aws-cloudtrail-logs-531239714189-f6d6a35f:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
CloudWatch Medium PCI DSS 3.5 HIPAA (Encryption) us-west-2 my-trail:* Log data in the CloudWatch log group is not encrypted with a KMS customer-managed key. For more control over the data-at-rest encryption, make sure the CloudWatch log group uses encryption with AWS KMS. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) us-east-2 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) us-east-2 dynamodb SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) us-west-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) us-west-2 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ap-south-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ap-northeast-2 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ap-southeast-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ap-southeast-2 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ap-northeast-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) ca-central-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) eu-central-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) eu-west-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) eu-west-2 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) eu-west-3 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) eu-north-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
SNS High PCI DSS 3.5 HIPAA (Encryption) sa-east-1 Sophos-Optix-flowlogs-s3-sns-topic SNS topic is not encrypted For additional confidentiality, ensure server-side encryption (SSE) is used to store sensitive data in encrypted topics. More info
CloudFront High PCI DSS 4.2 HIPAA (Encryption) us-east-1 EABCW25ZCESFI CloudFront distribution is not configured to enforce encryption (using HTTPS) for data in transit. HIPAA compliance requires all data to be transmitted over secure channels. Edit distribution's behaviour and set its viewer protocol policy to "HTTPS Only". More info
CloudFront High PCI DSS 10.2 HIPAA (Audit) us-east-1 EABCW25ZCESFI CloudFront distribution is not configured to save access logs to an Amazon S3 bucket. Enable distribution's access logs to comply with HIPAA (requires access logging for auditing purposes) and PCI DSS (Requirement 10: track and monitor all access to network resources and cardholder data). More info
CloudFront Critical PCI DSS 4.2 PCI DSS (Old Protocols) HIPAA (Encryption) us-east-1 EABCW25ZCESFI CloudFront distribution uses insecure default CloudFront protocol TLSv1. To comply with PSI DSS (requires not to use SSLv2, SSLv3, TLS 1.0), create and import a custom SSL Certificate. Next, select the recommended security policy for CloudFront to use for HTTPS connections. More info
CloudFront Medium PCI DSS 10.2 HIPAA (Audit) us-east-1 EABCW25ZCESFI CloudFront distribution uses an S3 bucket as origin without an origin access identity, allowing direct access to your objects through Amazon S3 URLs. Restrict bucket access in the origin settings so that users were able to access your S3 content using CloudFront URLs, not Amazon S3 URLs. This is required to comply with HIPAA privacy rule, enabling audit for all access to PHI. More info
EMR Medium PCI DSS 10.2 HIPAA (Audit) us-east-1 j-2XLTZN5X5X0UT EMR cluster has no logging enabled to the Amazon S3 location. Configure the cluster to periodically archive the log files stored on the master node to Amazon S3. If the cluster terminates, the logs will reveal if this is through normal shut down or due to an error. More info
SageMaker High PCI DSS 3.5 HIPAA (Encryption) us-east-1 my-motebook-instance SageMaker notebook data is not encrypted. To help protect data at rest, ensure encryption with AWS Key Management Service (AWS KMS) is enabled for your SageMaker notebook. More info
Athena High PCI DSS 3.5 HIPAA (Encryption) us-east-1 test-workgroup Athena workgroup uses no encryption at rest. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption at rest for the Athena workgroup. More info
API Gateway High PCI DSS 10.2 HIPAA (Audit) us-east-2 s87eelcsz6 API Gateway has neither ERROR nor INFO level of logging enabled in the stage: "dev". Enable either ERROR or INFO level of logging in the stage's settings. More info
Kinesis Critical PCI DSS 3.5 HIPAA (Encryption) us-east-1 stream3 S3 server-side encryption for the Firehose delivery stream is disabled. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure the data delivered in S3 bucket is encrypted with a KMS customer-managed key. More info
SQS High PCI DSS 3.5 HIPAA (Encryption) us-east-1 test-execution-queue-collector SQS queue is not encrypted. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption with KMS for all SQS queues. More info
SQS High PCI DSS 3.5 HIPAA (Encryption) us-east-1 test-queue.fifo SQS queue is not encrypted. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, enable encryption with KMS for all SQS queues. More info
Comprehend High PCI DSS 3.5 HIPAA (Encryption) us-east-1 d82797322f0833a4b7811a1d178fca1f Output result encryption for your Comprehend analysis job "my-job2" is disabled. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your output data is encrypted with a KMS customer-managed key (CMK). More info
Comprehend High PCI DSS 3.5 HIPAA (Encryption) us-east-1 d82797322f0833a4b7811a1d178fca1f Comprehend analysis job "my-job2" has encryption for the data in the storage volume is disabled. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest, make sure your data in the storage volume is encrypted with a KMS customer-managed key (CMK). More info
Elastic File System Critical CIS 2.4.1 PCI DSS 3.5 HIPAA (Encryption) us-east-1 fs-34d4d281 EFS file system is not encrypted. To fulfill HIPAA and PCI DSS compliance requirements for encryption of data at rest and in transit, make sure your file system is encrypted with a KMS customer-managed key (CMK). More info