Example Questions

  • Do we have security groups permitting SSH from 0.0.0.0/0?
  • Which IAM policies were manually created in the AWS console?
  • Are there any unencrypted S3 buckets?
  • Who approved the last security group change?
  • Are all IAM users using MFA?
  • Are there any public S3 buckets?
  • Are there any expired or soon-to-expire SSL/TLS certificates?
  • Which accounts have unused or stale access keys?