9 July 2021 - Rule Update Notice
Custom Policy Updates
The custom policy has been updated to version 1.32 as a result of the new deployment. You’ll need to update your custom policy to the latest version. The following permission has been added:
IAM-070: Check for IAM User user group membership
This rule ensures that your Amazon Identity and Access Management (IAM) users are members of at least one IAM group to adhere to IAM security best practices.
- The following rules will now return no checks for findings suppressed in AWS:
- TrustAdvisor-001: Trusted Advisor Service Limits
- TrustAdvisor-002: Trusted Advisor Checks
- TrustAdvisor-003: Exposed IAM Access Keys
- IAM-045: IAM Policies With Full Administrative Privileges
The rule now supports exceptions via Tags and Resource id.
- IAM-066 - AWS IAM Groups with Admin Privileges Updated the rule to add exceptions based on resource Tags and IDs.
- ELBv2-004: ELBv2 Minimum Number of EC2 Target Instances
Fixed a bug that generated false negatives when the ELBv2 service API experienced throttling.
- ASG-007: Auto Scaling Group Referencing Missing ELB
Fixed a bug where Conformity Bot generated an incorrect result for the rule due to throttling.