General Policies

How to Use this Page

This page lists the AWS General Policies that Bridgecrew helps you enforce. You can browse this page, or search for a specific policy ID or short title. For each policy, press the link for more details about a policy and its remediation options.

Ensure EC2 Instances have Tags
Violation ID: BC_AWS_GENERAL_1

EBS Volume Check
Violation ID: BC_AWS_GENERAL_2

Encrypt EBS Volume
Violation ID: BC_AWS_GENERAL_3

Enable RDS Instance Encryption
Violation ID: BC_AWS_GENERAL_4

Set CloudFront Distribution to HTTPS
Violation ID: BC_AWS_GENERAL_5

Enable DynamoDB Point-in-time Recovery
Violation ID: BC_AWS_GENERAL_6

Encrypt EBS Snapshot Data
Violation ID: BC_AWS_GENERAL_7

Enable ECR Image Scan on Push
Violation ID: BC_AWS_GENERAL_8

Encrypt Elasticach Replication Group Data at Rest
Violation ID: BC_AWS_GENERAL_9

Encrypt Elasticach Replication Group Data at Transit
Violation ID: BC_AWS_GENERAL_10

Encrypt Elasticach Replication Group Data at Transit with Authentication Token
Violation ID: BC_AWS_GENERAL_11

Encrypt Launch Configuration EBS Data
Violation ID: BC_AWS_GENERAL_13

Encrypt Sagemaker Data at Rest
Violation ID: BC_AWS_GENERAL_14

Encrypt SNS Topic Data
Violation ID: BC_AWS_GENERAL_15

Encrypt SQS Queue Data
Violation ID: BC_AWS_GENERAL_16

Encrypt Elastic File System
Violation ID: BC_AWS_GENERAL_17

Encrypt Neptune Storage
Violation ID: BC_AWS_GENERAL_18

No AWS Managed Key Encryption for Elasticsearch Domain
Violation ID: BC_AWS_GENERAL_20

Ensure Kinesis Stream is Securely Encrypted at Rest
Violation ID: BC_AWS_GENERAL_22

Ensure Dax is Securely Encrypted at Rest
Violation ID: BC_AWS_GENERAL_23

Ensure ECR Image Tags are Immutable
Violation ID: BC_AWS_GENERAL_24

Route 53 DNS Service Modification Detected
Violation ID: BC_AWS_ALERT_2

Ensure all taggable resources are tagged
Violation ID: BC_AWS_GENERAL_26

Updated about a month ago


General Policies


Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.