TAG

Icon
Icon AWS ACM health

Icon 1 5 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

List AWS ACM certificates that are unused, Expiring, or expired and failed status.

Tasks:
  • List Unused ACM Certificates in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List Expiring ACM Certificates in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List Expired ACM Certificates in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List Failed Status ACM Certificates in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List Pending Validation ACM Certificates in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
IconSource Code IconDiscoverable
Icon AWS ACM health

Icon 1 6 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

Count AWS ACM certificates that are unused, Expiring, or expired and failed status.

Tasks:
  • Check for unused ACM certificates in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check for Expiring ACM certificates in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check for expired ACM certificates in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check for Failed Status ACM Certificates in AWS Region `${AWS_REGION}` in AWS Account `${AWS_ACCOUNT_ID}`
  • Check for Pending Validation ACM Certificates in AWS Region `${AWS_REGION}` in AWS Account `${AWS_ACCOUNT_ID}`
  • Generate Health Score
IconSource Code
Icon AWS network health

Icon 1 4 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

List publicly accessible security groups, unused EIPs, unused ELBs, and VPCs with flow logs disabled

Tasks:
  • List Publicly Accessible Security Groups in AWS account `AWS_ACCOUNT_ID`
  • List unused Elastic IPs in AWS account `AWS_ACCOUNT_ID`
  • List unused ELBs in AWS account `AWS_ACCOUNT_ID`
  • List VPCs with Flow Logs Disabled in AWS account `AWS_ACCOUNT_ID`
IconSource Code IconDiscoverable
Icon AWS network health

Icon 1 5 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

Count publicly accessible security groups, unused EIPs, unused ELBs, and VPCs with flow logs disabled

Tasks:
  • Check for publicly accessible security groups in AWS account `${AWS_ACCOUNT_ID}`
  • Check for unused Elastic IPs in AWS account `${AWS_ACCOUNT_ID}`
  • Check for unused ELBs in AWS account `${AWS_ACCOUNT_ID}`
  • Check for VPCs with Flow Logs disabled in AWS account `${AWS_ACCOUNT_ID}`
  • Generate Health Score
IconSource Code
Icon AWS RDS health

Icon 1 3 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

List AWS RDS instances that are unencrypted, publicly accessible, or have backups disabled.

Tasks:
  • List Unencrypted RDS Instances in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List Publicly Accessible RDS Instances in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • List RDS Instances with Backups Disabled in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
IconSource Code IconDiscoverable
Icon AWS RDS health

Icon 1 4 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

Check AWS RDS instances that are unencrypted, publicly accessible, or have backups disabled.

Tasks:
  • Check for unencrypted RDS instances in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check for publicly accessible RDS instances in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check for disabled backup RDS instances in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Generate Health Score
IconSource Code
Icon AWS CloudWatch Logs health

Icon 1 3 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

Check AWS Monitoring Configuration Health

Tasks:
  • List CloudWatch Log Groups Without Retention Period in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • Check CloudTrail Configuration in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
  • Check for CloudTrail integration with CloudWatch Logs in AWS Region `AWS_REGION` in AWS Account `AWS_ACCOUNT_ID`
IconSource Code IconDiscoverable
Icon AWS CloudWatch Logs health

Icon 1 4 Troubleshooting Commands

Icon 2 Contributed by saurabh3460

Icon 2 Codecollection: aws-c7n-codecollection

Check AWS Monitoring Configuration Health

Tasks:
  • Check CloudWatch Log Groups Without Retention Period in AWS Region `${AWS_REGION}` in AWS account `${AWS_ACCOUNT_ID}`
  • Check if CloudTrail exists and is configured for multi-region in AWS Region `${AWS_REGION}` in AWS Account `${AWS_ACCOUNT_ID}`
  • Check CloudTrail Without CloudWatch Logs in AWS Region `${AWS_REGION}` in AWS Account `${AWS_ACCOUNT_ID}`
  • Generate Health Score
IconSource Code