Revision 1.15Sep 19, 2025

1.7 Ensure all Customer owned Amazon Machine Images for Web Tier are not shared publicly
1.8 Ensure all Customer owned Amazon Machine Images for Application Tier are not shared publicly

2.8 Ensure an IAM policy that allows admin privileges for all services used is created
4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups
4.2 Ensure a SNS topic is created for sending out notifications from RDS events
5.10 Ensure an AWS Managed Config Rule for encrypted volumes is applied to Web Tier
5.11 Ensure an AWS Managed Config Rule for encrypted volumes is applied to App Tier
6.10 Ensure NAT Gateways are created in at least 2 Availability Zones

2.8 Ensure an IAM policy that allows admin privileges for all services used is created - Policy Exist
2.8 Ensure an IAM policy that allows admin privileges for all services used is created - Review Policy Document
4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups - CloudwatchAlarms
4.1 Ensure a SNS topic is created for sending out notifications from Cloudtwatch Alarms and Auto-Scaling Groups - List SNS Subscriptions
4.2 Ensure a SNS topic is created for sending out notifications from RDS events - List SNS Subscriptions
4.2 Ensure a SNS topic is created for sending out notifications from RDS events - RDS Event Subscriptions
5.10 Ensure an AWS Managed Config Rule for encrypted volumes is applied to Web Tier - Encryption
5.10 Ensure an AWS Managed Config Rule for encrypted volumes is applied to Web Tier - KMS ID
5.11 Ensure an AWS Managed Config Rule for encrypted volumes is applied to App Tier - Encryption
5.11 Ensure an AWS Managed Config Rule for encrypted volumes is applied to App Tier - KMS ID
6.10 Ensure NAT Gateways are created in at least 2 Availability Zones - Subnet1
6.10 Ensure NAT Gateways are created in at least 2 Availability Zones - Subnet2