O'Reilly logo

Cloud Native Architectures by Piyum Zonooz, Erik Farr, Kamal Arora, Tom Laszewski

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Stelligent cfn-nag

The cfn-nag (https://github.com/stelligent/cfn_nag) tool looks for patterns in AWS CloudFormation templates that may indicate insecure infrastructure. Roughly speaking, it will look for the following:

  • IAM rules that are too permissive (wildcards)
  • Security group rules that are too permissive (wildcards)
  • Access logs that aren't enabled
  • Encryption that isn't enabled

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required