Ensure policies are used for AWS CloudFormation Stacks

MEDIUM

Description

AWS CloudFormation Stacks do not use policies. This may cause accidental update or deletion of stack resources.

Remediation

AWS CloudFormation can be used to automate the creation of cloud resources by using CloudFormation Templates. To begin, visit the AWS Console and navigate to the CloudFormation section.

For more information, see the AWS or Terraform documentation.
References:
https://docs.aws.amazon.com/cloudformation
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/cloudformation_stack

Policy Details

Rule Reference ID: AC_AWS_0445

CSP: AWS

Remediation Available: Yes

Domain: Security Best Practices

Resource: aws_cloudformation_stack

Resource Category: Management

Resource Type: CloudFormation

Frameworks

GDPR
HIPAA
ISO-27001
NIST-800-171
NIST-800-53
NIST-CSF

Detections

Analytics