cfn_nag

1 · · Aug. 27, 2021, 6:29 p.m.
cfn_nag Linting tool for CloudFormation templates The cfn-nag tool looks for patterns in CloudFormation templates that may indicate insecure infrastructure. Roughly speaking, it will look for: IAM rules that are too permissive (wildcards) Security group rules that are too permissive (wildcards) Access logs that aren’t enabled Encryption that isn’t enabled Password literals For more background on the tool, please see this post at Stelligent’s blog: Finding Security Problems Early in the Develop...