Cloudformation Fixes

• 109 – Unrestricted access between network segments - RDS
• 165 – Insecure service configuration - AWS Security Groups
• 177 – Insecure service configuration - Security Groups
• 203 – Unauthorized access to files - Cloud Storage Services
• 246 – Non-encrypted confidential information - DB
• 250 – Non-encrypted hard drives
• 256 – Lack of protection against deletion - RDS
• 258 – Lack of protection against deletion - ELB
• 259 – Lack of protection against deletion - DynamoDB
• 281 – Use of an insecure channel - Cloud Infrastructure
• 313 – Insecure service configuration - Certificates
• 325 – Excessive privileges - Wildcards
• 332 – Insecure protocol allowed in security group
• 333 – Insecure service configuration - EC2
• 335 – Insecure service configuration - Bucket
• 363 – Weak credential policy - Password strength
• 372 – Use of an insecure channel - HTTP
• 394 – Insufficient data authenticity validation - CloudTrail Logs
• 396 – Insecure service configuration - KMS
• 400 – Traceability Loss - AWS
• 406 – Non-encrypted confidential information - EFS
• 407 – Non-encrypted confidential information - EBS Volumes
• 408 – Traceability Loss - API Gateway
• 433 – Non-encrypted confidential information - Redshift Cluster
• 005 – Privilege escalation
• 016 – Insecure encryption algorithm - SSL/TLS
• 024 – Unrestricted access between network segments - AWS
• 031 – Excessive privileges - AWS
• 044 – Insecure HTTP methods enabled
• 073 – Improper authorization control for web services - RDS
• 081 – Lack of multi-factor authentication
• 099 – Non-encrypted confidential information - S3 Server Side Encryption