| AC_AZURE_0159 | Ensure Azure Active Directory (Azure AD) has been enabled in Azure Kubernetes Cluster | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0165 | Ensure that only allowed key types are in use for Azure Key Vault Certificate | Azure | Compliance Validation | HIGH |
| AC_AWS_0109 | Ensure latest version of elasticsearch engine is used for AWS ElasticSearch Domains | AWS | Compliance Validation | MEDIUM |
| AC_AWS_0141 | Ensure password policy requires minimal length of 7 for AWS IAM Account Password Policy | AWS | Compliance Validation | MEDIUM |
| AC_AWS_0226 | Ensure secrets should be auto-rotated after not more than 90 days | AWS | Compliance Validation | HIGH |
| AC_GCP_0016 | Ensure container-optimized OS (COS) is used for Google Container Node Pool | GCP | Compliance Validation | LOW |
| AC_GCP_0022 | Ensure PodSecurityPolicy controller is enabled on Google Container Cluster | GCP | Compliance Validation | HIGH |
| AC_GCP_0225 | Ensure 'skip_show_database' database flag for Cloud SQL Mysql instance is set to 'on' | GCP | Compliance Validation | LOW |
| AC_GCP_0249 | Ensure that Cloud SQL database instances do not have public IPs | GCP | Compliance Validation | MEDIUM |
| AC_GCP_0251 | Ensure that the 'log_checkpoints' database flag for Cloud SQL PostgreSQL instance is set to 'on' | GCP | Compliance Validation | LOW |
| AC_GCP_0257 | Ensure that the 'log_min_duration_statement' database flag for Cloud SQL PostgreSQL instance is set to '-1' (disabled) | GCP | Compliance Validation | LOW |
| AC_GCP_0315 | Ensure 'log_hostname' database flag for Cloud SQL PostgreSQL instance is set appropriately | GCP | Compliance Validation | LOW |
| AC_K8S_0011 | Ensure that the --streaming-connection-idle-timeout argument is not set to 0 | Kubernetes | Compliance Validation | LOW |
| AC_K8S_0047 | Ensure that the admission control plugin AlwaysAdmit is not set | Kubernetes | Compliance Validation | MEDIUM |
| AC_K8S_0129 | Ensure that the admission control plugin PodSecurityPolicy is set | Kubernetes | Compliance Validation | MEDIUM |
| AC_AZURE_0225 | Ensure Power BI analysis services are defined for Azure Analysis Services Server | Azure | Compliance Validation | LOW |
| AC_AWS_0426 | Ensure that initial login requires password reset for AWS IAM Users | AWS | Compliance Validation | HIGH |
| AC_AWS_0438 | Ensure that there are no orphan in AWS IAM groups | AWS | Compliance Validation | LOW |
| AC_AZURE_0146 | Ensure log analytics workspace has daily quota value set for Azure Log Analytics Workspace | Azure | Compliance Validation | LOW |
| AC_AZURE_0174 | Ensure 'ReadOnly' cache is enabled on OS disks with read heavy operations to get higher read IOPS for Azure Image | Azure | Compliance Validation | LOW |
| AC_AZURE_0257 | Ensure Azure Active Directory (AAD) is configured for Azure Synapse Workspace | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0259 | Ensure point-in-time-restore is enabled for Azure SQL Database | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0331 | Ensure that Microsoft Defender for Endpoint (WDATP) integration with Microsoft Defender for Cloud is selected | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0332 | Ensure That Auto provisioning of 'Log Analytics agent for Azure VMs' is Set to 'On' | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0346 | Ensure provider status is in provisioned state for Azure Express Route Circuit | Azure | Compliance Validation | LOW |
| AC_AZURE_0377 | Ensure usage of names like 'Admin' are avoided for Azure SQL Server | Azure | Compliance Validation | MEDIUM |
| AC_AWS_0061 | Ensure active directory remains in use to authenticate users for Amazon Relational Database Service (Amazon RDS) Instances | AWS | Compliance Validation | MEDIUM |
| AC_AWS_0069 | Ensure Multi-AZ is enabled for AWS Database Migration Service (DMS) instances | AWS | Compliance Validation | MEDIUM |
| AC_AWS_0134 | Ensure password policy requires at least one lowercase character for AWS IAM Account Password Policy | AWS | Compliance Validation | LOW |
| AC_AWS_0138 | Ensure credentials unused for 45 days or greater are disabled | AWS | Compliance Validation | LOW |
| AC_AWS_0193 | Ensure Auto Minor Version Upgrade feature is Enabled for Amazon Relational Database Service (Amazon RDS) Instances | AWS | Compliance Validation | MEDIUM |
| AC_GCP_0100 | Ensure 'log_planner_stats' database flag for Cloud SQL PostgreSQL instance is set to 'off' | GCP | Compliance Validation | LOW |
| AC_GCP_0132 | Ensure 'log_duration' database flag for Cloud SQL PostgreSQL instance is set to 'on' | GCP | Compliance Validation | LOW |
| AC_GCP_0253 | Ensure that the 'log_disconnections' database flag for Cloud SQL PostgreSQL instance is set to 'on' | GCP | Compliance Validation | LOW |
| AC_GCP_0256 | Ensure that the 'log_temp_files' database flag for Cloud SQL PostgreSQL instance is set to '0' (on) | GCP | Compliance Validation | LOW |
| AC_GCP_0261 | Ensure 'remote access' database flag for Cloud SQL Server instance is set to 'off' | GCP | Compliance Validation | LOW |
| AC_GCP_0296 | Ensure Container-Optimized OS (COS) is used for GKE node images | GCP | Compliance Validation | LOW |
| AC_GCP_0298 | Ensure 'log_executor_stats' database flag for Cloud SQL PostgreSQL instance is set to 'off' | GCP | Compliance Validation | LOW |
| AC_K8S_0019 | Ensure that the admission control plugin EventRateLimit is set | Kubernetes | Compliance Validation | MEDIUM |
| AC_AWS_0422 | Ensure AWS Redshift Snapshot Retention Policy is more than 7 days | AWS | Compliance Validation | MEDIUM |
| AC_AWS_0427 | Ensure hardware MFA is enabled for the "root user" account | AWS | Compliance Validation | HIGH |
| AC_AWS_0459 | Ensure detailed monitoring is enabled for AWS EC2 instances | AWS | Compliance Validation | LOW |
| AC_AWS_0597 | Ensure MFA is enabled for the 'root' user account | AWS | Compliance Validation | HIGH |
| AC_AZURE_0150 | Ensure windows diagnostic is enabled for Azure Windows Virtual Machine Scale Set | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0256 | Ensure private DNS zones are not linked to Azure Virtual Network | Azure | Compliance Validation | LOW |
| AC_AZURE_0330 | Ensure that Microsoft Defender for Cloud Apps (MCAS) Integration with Microsoft Defender for Cloud is Selected | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0384 | Ensure that names like 'Admin' are not used for Azure SQL Server Active Directory Administrator | Azure | Compliance Validation | MEDIUM |
| AC_AZURE_0403 | Ensure email addresses are setup for Azure PostgreSQL Server | Azure | Compliance Validation | LOW |
| AC_GCP_0013 | Ensure '3625 (trace flag)' database flag for Cloud SQL Server instance is set to 'off' | GCP | Compliance Validation | LOW |
| AC_GCP_0019 | Ensure labels are configured for Google Container Cluster | GCP | Compliance Validation | LOW |
