🔐 IAM (Global)
IAM Compliance Findings
4
Total IAM Users
4
Users Without MFA
4
Access Keys >90 Days Old
0
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| casiny_staging_cms_nginx_s3_gateway | No | AKIAZDELHCZ2XOIBH24R | Active | 2025-07-22 |
| casiny_staging_ecs_deploy | No | AKIAZDELHCZ2Y7KOSW5M | Active | 2025-07-22 |
| casiny_staging_s3upload | No | AKIAZDELHCZ25J4BXHOL | Active | 2025-07-22 |
| casiny_staging_sqs | No | AKIAZDELHCZ2RWKPPWMH | Active | 2025-07-22 |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-0e39b843d81d040c8 |
172.31.0.0/16 | available | default | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:625209710197:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3/20042c00-2bd8-11f0-8e7c-0a150103db51aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3aws:cloudformation:logical-id=VPC |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet3A | subnet-0d5e7c99593195efa |
vpc-0e39b843d81d040c8 | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:625209710197:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3/20042c00-2bd8-11f0-8e7c-0a150103db51Network=Privateaws:cloudformation:logical-id=PrivateSubnet3Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3 |
| aws-controltower-PrivateSubnet1A | subnet-0990287e8d9064200 |
vpc-0e39b843d81d040c8 | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:625209710197:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3/20042c00-2bd8-11f0-8e7c-0a150103db51Network=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3aws:cloudformation:logical-id=PrivateSubnet1A |
| aws-controltower-PrivateSubnet2A | subnet-02f470ec681cadfe2 |
vpc-0e39b843d81d040c8 | 172.31.32.0/20 | eu-west-2b | 4091 | No | aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3aws:cloudformation:logical-id=PrivateSubnet2ANetwork=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:625209710197:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3/20042c00-2bd8-11f0-8e7c-0a150103db51 |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:625209710197:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-b7f044d3-b195-46aa-a5d9-aa54c3fd52c0/a6228ad0-2bd7-11f0-bb4d-0affff764169aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-b7f044d3-b195-46aa-a5d9-aa54c3fd52c0 |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-32875e87-571a-4fbe-9251-1e25b50ab4c3-VPCFlowLogsLogGroup-U7wArxImO6iR |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-east-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| casiny-staging-vpc | vpc-077f3dfab31c79b67 |
10.20.0.0/16 | available | default | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=casiny |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| casiny-staging-public-subnet-1 | subnet-0876185453f438dec |
vpc-077f3dfab31c79b67 | 10.20.2.0/24 | ap-east-1a | 245 | No | Customer=casinyEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| casiny-staging-private-subnet-2 | subnet-022c1b8b670a73161 |
vpc-077f3dfab31c79b67 | 10.20.3.0/24 | ap-east-1b | 245 | No | Customer=casinymap-migrated=migS0EK6JMBZCEnvironment=staging |
| casiny-staging-private-subnet-1 | subnet-0c25b2f50d9028c2c |
vpc-077f3dfab31c79b67 | 10.20.1.0/24 | ap-east-1a | 242 | No | Environment=stagingCustomer=casinymap-migrated=migS0EK6JMBZC |
| casiny-staging-public-subnet-2 | subnet-034129fd56745464c |
vpc-077f3dfab31c79b67 | 10.20.4.0/24 | ap-east-1b | 248 | No | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| casiny_staging_graylog | i-0e86109e7f0d8d94c |
t3.xlarge | running | 16.163.157.52 | 10.20.2.49 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-0f71595fdca201d04 | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=casiny |
| casiny_staging_integration_graylog | i-0a58f7e93e1b72b37 |
t3.large | running | 43.198.203.20 | 10.20.2.57 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-06bef250ea6620eac | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | Customer=casinymap-migrated=migS0EK6JMBZCEnvironment=staging |
| casiny_staging_elk | i-043f84cba9dcd3b8d |
t3.large | running | 18.163.238.163 | 10.20.2.124 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-0f86ee3fe22d74141 | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
| casiny_staging_mongodb_cms | i-04e0fba1b3369c18a |
t3.medium | running | - | 10.20.1.238 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-0f86ee3fe22d74141 | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | Customer=casinymap-migrated=migS0EK6JMBZCEnvironment=staging |
| casiny_staging_bastion_host | i-0bf5d6b3b28830209 |
t3.micro | running | 18.167.251.197 | 10.20.2.38 | vpc-077f3dfab31c79b67 | sg-01d0961521942611f | ami-0f86ee3fe22d74141 | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | Customer=casinymap-migrated=migS0EK6JMBZCEnvironment=staging |
| casiny-staging-bitbucket-runner-0-spot-instance | i-01f34ea7ad118487d |
t3.large | running | - | 10.20.1.185 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-0195d998dd0d5a512 | casiny_staging_July2025 | casiny_staging_SSMInstanceProfile | 1 | optional | Customer=casinyaws:ec2spot:fleet-request-id=sfr-a6ee72e1-09dc-48bf-b0e0-0c23afe0bd22Environment=stagingmap-migrated=migS0EK6JMBZC |
| ECS Instance - EC2ContainerService-casiny-staging-fe-bo-cms-cdn-websocket-cronjob-ecs-cluster | i-08fad7a73a4e326ad |
c5a.2xlarge | running | - | 10.20.1.131 | vpc-077f3dfab31c79b67 | sg-09f97e09b7a3001bf | ami-035fccda7ffa2f58a | casiny_staging_July2025 | casiny_staging_SSM_EcsInstanceProfile | 1 | required | AmazonECSManaged=ECS Cluster managed by Amazonaws:autoscaling:groupName=casiny-staging-Asg-fe-bo-cms-cdn-websocket-cronjob-ecs-clustermap-migrated=migS0EK6JMBZCCustomer=casinyaws:ec2launchtemplate:id=lt-0f6230a536bb48b4caws:ec2launchtemplate:version=2Environment=staging |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| - | vol-03fb6ff930a845ffd |
200 | gp3 | in-use | No | 3000 | i-0a58f7e93e1b72b37 | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| - | vol-03aa179ba779ba3e9 |
50 | gp3 | in-use | No | 3000 | i-043f84cba9dcd3b8d | /dev/sda1 | ap-east-1a | Environment=stagingCustomer=casinymap-migrated=migS0EK6JMBZC |
| - | vol-02afe51a787854f6f |
500 | gp3 | in-use | No | 3000 | i-0e86109e7f0d8d94c | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| - | vol-006ad4c6bb975558a |
40 | gp3 | in-use | No | 3000 | i-0bf5d6b3b28830209 | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
| - | vol-0b81e5efb76e0a309 |
30 | gp3 | in-use | No | 3000 | i-01f34ea7ad118487d | /dev/sda1 | ap-east-1a | - |
| - | vol-0f3395a9e56e51758 |
50 | gp3 | in-use | No | 3000 | i-04e0fba1b3369c18a | /dev/sda1 | ap-east-1a | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=casiny |
| - | vol-0c663d7584dd49805 |
100 | gp3 | in-use | No | 3000 | i-08fad7a73a4e326ad | /dev/xvda | ap-east-1a | - |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| casiny-staging-queue-fargate-ecs-cluster | ACTIVE | 1 | 0 | 1 | 0 |
| casiny-staging-callback-fargate-ecs-cluster | ACTIVE | 1 | 0 | 1 | 0 |
| casiny-staging-fe-bo-cms-cdn-websocket-cronjob-ecs-cluster | ACTIVE | 7 | 0 | 9 | 1 |
| casiny-staging-api-fargate-ecs-cluster | ACTIVE | 1 | 0 | 1 | 0 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| casiny-staging-fe-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-fe-task-definitions:11 | 1 target groups | |
| casiny-staging-cms-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-cms-task-definitions:2 | 2 target groups | |
| casiny-staging-bo-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-bo-task-definitions:37 | 1 target groups | |
| casiny-staging-cronjob-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-cronjob-task-definitions:37 | 0 target groups | |
| casiny-staging-seon-proxy-service | ACTIVE | 0 | 0 | EC2 | casiny-staging-seon-proxy-task-definitions:1 | 1 target groups | |
| casiny-staging-fasttrack-proxy-service | ACTIVE | 0 | 0 | EC2 | casiny-staging-fasttrack-proxy-task-definitions:1 | 1 target groups | |
| casiny-staging-fe-1-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-fe-1-task-definitions:8 | 1 target groups | |
| casiny-staging-cdn-cms-service | ACTIVE | 1 | 1 | EC2 | casiny-staging-cdn-cms-task-definitions:1 | 1 target groups | |
| casiny-staging-websocket-services | ACTIVE | 1 | 1 | EC2 | casiny-staging-websocket-task-definitions:2 | 2 target groups | |
| casiny-staging-queue-worker-service | ACTIVE | 1 | 1 | FARGATE | casiny-staging-queue-worker-fargate-task-definitions:37 | 0 target groups | sg-09f97e09b7a3001bf |
| casiny-staging-callback-service | ACTIVE | 1 | 1 | FARGATE | casiny-staging-callback-fargate-task-definitions:38 | 1 target groups | sg-09f97e09b7a3001bf |
| casiny-staging-api-service | ACTIVE | 1 | 1 | FARGATE | casiny-staging-api-fargate-task-definitions:37 | 1 target groups | sg-09f97e09b7a3001bf |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| casiny-staging-api-fargate-task-definitions | 37 | 4096 | 8192 | 2 | Yes | No | 11 | 0 | No logs, awslogs:/ecs/casiny-staging-api |
| casiny-staging-bo-task-definitions | 37 | - | - | 2 | No | No | 11 | 0 | No logs |
| casiny-staging-callback-fargate-task-definitions | 38 | 2048 | 4096 | 2 | Yes | No | 11 | 0 | No logs, awslogs:/ecs/casiny-staging-callback |
| casiny-staging-cdn-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| casiny-staging-cms-task-definitions | 2 | - | - | 2 | No | No | 1 | 0 | No logs |
| casiny-staging-cronjob-task-definitions | 37 | - | - | 2 | No | No | 6 | 0 | No logs |
| casiny-staging-fasttrack-proxy-task-definitions | 1 | - | - | 1 | No | No | 1 | 0 | json-file |
| casiny-staging-fe-1-task-definitions | 8 | - | - | 2 | No | No | 1 | 0 | No logs |
| casiny-staging-fe-task-definitions | 11 | - | - | 2 | No | No | 1 | 0 | No logs |
| casiny-staging-queue-worker-fargate-task-definitions | 37 | 16384 | 32768 | 2 | Yes | No | 6 | 0 | No logs |
| casiny-staging-seon-proxy-task-definitions | 1 | - | - | 1 | No | No | 1 | 0 | json-file |
| casiny-staging-websocket-task-definitions | 2 | - | - | 2 | No | No | 0 | 0 | No logs, json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| casiny-staging-api-fargate-task-definitions:37 | terragon-api | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-api:fdbd03a-810-release-csy-platform-1.6.1 | awslogs:/ecs/casiny-staging-api | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| casiny-staging-api-fargate-task-definitions:37 | filebeat | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-filebeat:4.1 | No logs | LOGSTASH_LISTEN_PORTLOGSTASH_HOSTGRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| casiny-staging-bo-task-definitions:37 | terragon-bo | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-bo:fdbd03a-810-release-csy-platform-1.6.1 | No logs | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| casiny-staging-bo-task-definitions:37 | filebeat | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-filebeat:4.1 | No logs | LOGSTASH_LISTEN_PORTLOGSTASH_HOSTGRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| casiny-staging-callback-fargate-task-definitions:38 | terragon-callback | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-callback:fdbd03a-810-release-csy-platform-1.6.1 | awslogs:/ecs/casiny-staging-callbac... | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| casiny-staging-callback-fargate-task-definitions:38 | filebeat | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-filebeat:4.1 | No logs | LOGSTASH_LISTEN_PORTLOGSTASH_HOSTGRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| casiny-staging-cdn-cms-task-definitions:1 | nginx-s3-gateway | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:s3-gateway-1.0 | No logs | None | - |
| casiny-staging-cms-task-definitions:2 | nginx-cms | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0 | No logs | NGINX_DEFAULT_CONF_FILE | - |
| casiny-staging-cms-task-definitions:2 | terragon-cms | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-cms:1862771-7-develop | No logs | None | - |
| casiny-staging-cronjob-task-definitions:37 | cronjob | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-cronjob:fdbd03a-810-release-csy-platform-1.6.1 | No logs | None | - |
| casiny-staging-cronjob-task-definitions:37 | filebeat | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-filebeat:4.1 | No logs | LOGSTASH_LISTEN_PORTLOGSTASH_HOSTGRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| casiny-staging-fasttrack-proxy-task-definitions:1 | nginx-fasttrack-proxy | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0-fasttrack | json-file | NGINX_DEFAULT_CONF_FILE | - |
| casiny-staging-fe-1-task-definitions:8 | nginx-fe | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0 | No logs | NGINX_DEFAULT_CONF_FILE | - |
| casiny-staging-fe-1-task-definitions:8 | app | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-fe-1:b64df7c-19917002836-release-1.18.0 | No logs | None | - |
| casiny-staging-fe-task-definitions:11 | nginx-fe | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0 | No logs | NGINX_DEFAULT_CONF_FILE | - |
| casiny-staging-fe-task-definitions:11 | app | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-fe:b64df7c-19917002836-release-1.18.0 | No logs | None | - |
| casiny-staging-queue-worker-fargate-task-definitions:37 | queue-worker | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-queue-worker:fdbd03a-810-release-csy-platform-1.6.1 | No logs | None | - |
| casiny-staging-queue-worker-fargate-task-definitions:37 | filebeat | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-filebeat:4.1 | No logs | LOGSTASH_LISTEN_PORTLOGSTASH_HOSTGRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| casiny-staging-seon-proxy-task-definitions:1 | nginx-seon-proxy | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0-seon | json-file | NGINX_DEFAULT_CONF_FILE | - |
| casiny-staging-websocket-task-definitions:2 | nginx-websocket | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-nginx-base:3.0 | No logs | None | - |
| casiny-staging-websocket-task-definitions:2 | app | 625209710197.dkr.ecr.ap-east-1.amazonaws.com/casiny-staging-soketi:1.0-16-debian | json-file | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| casiny-staging-aurora-primary-cluster-instance-0 | aurora-mysql 8.0.mysql_aurora.3.08.2 | db.t4g.medium | available | 1 GiB | Yes | No | No | 7d | No | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
SQS Queues
Total Queues: 58
Without Encryption: 58
Without DLQ: 58
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| accumulate_bonus_programs_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| accumulate_bonus_programs_ref_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| accumulate_bonus_programs_referral_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| accumulate_bonus_programs_settle_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| ad_checks_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| assign_new_game_to_bonus_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| assign_new_game_to_game_segment_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| assign_new_game_to_game_tag_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| audit_logs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| automatic_withdrawal_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| betting_limit_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| bonuses_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| broadcast_balance_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| broadcast_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| calendar_bonus_programs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| campaign_message_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| casino_bet_detail_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| challenges_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| compliance_actions_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| compliances_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| crm_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| crm_high_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| default_casiny_staging | Standard | No | No | 300s | 7 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| emails_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| export_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| game_log_locks_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| game_logs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| game_logs_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| import_batches_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| loyalty_programs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| payment_integration_logs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_activities_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_flagged_computing_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_tips_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_transaction_summary_realtime_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_transactional_summary_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| player_vip_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| post_wagered_bonus_programs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| prune_open_bets_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| quests_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| rebate_programs_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| recent_games_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| referral_plans_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| risk_fraud_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| segments_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| segments_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| segments_computing_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| segments_computing_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| sms_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| sportbook_bet_detail_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| spotlight-search_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| sync_game_to_ec_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| telescope_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| tournaments_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| tournaments_casiny_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| wagering_requirements_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| webhook_call_casiny_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
Secrets Manager
Total Secrets: 3
Without Rotation: 3
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| casiny-staging-rds-admin-password | - | secretsmanager |
Disabled | - | 2026-01-13 | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
| casiny-staging-redshift-admin-password | - | secretsmanager |
Disabled | - | 2026-01-13 | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
| casiny-staging-other-credentials | - | secretsmanager |
Disabled | - | 2025-11-26 | - |
CloudWatch Log Groups
Total Log Groups: 6
Without Retention Policy: 2
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/rds/cluster/casiny-staging-primary-cluster/error |
Never Expire | 582.75 MB |
/ecs/casiny-staging-api |
365 | 54.22 KB |
/ecs/casiny-staging-callback |
365 | 49.88 KB |
/ecs/casiny-staging-queue-worker |
365 | 0 B |
RDSOSMetrics |
30 | 68.06 MB |
casiny-staging-backend-redis-slowlog |
Never Expire | 177.39 KB |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| casiny-staging-ecs-alb | APPLICATION | internet-facing | active | casiny-staging-ecs-alb-1693872340.ap-east-1.elb.amazonaws.com | vpc-077f3dfab31c79b67 | 2 | HTTPS:443, HTTP:80 | 13 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| casiny-staging-ecs-internal-alb | APPLICATION | internal | active | internal-casiny-staging-ecs-internal-alb-1790760036.ap-east-1.elb.amazonaws.com | vpc-077f3dfab31c79b67 | 2 | HTTP:80, HTTPS:443 | 2 | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| casiny-staging-ecs-alb | casiny-staging-api-fg-tg-441 | HTTPS | 441 | ip | HTTPS:/robots.txt |
| casiny-staging-ecs-alb | casiny-staging-bo-tg-443 | HTTPS | 440 | instance | HTTPS:/player/api/v1/ping |
| casiny-staging-ecs-alb | casiny-staging-callbck-fg-tg-442 | HTTPS | 442 | ip | HTTPS:/player/api/v1/ping |
| casiny-staging-ecs-alb | casiny-staging-cdn-cms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| casiny-staging-ecs-alb | casiny-staging-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| casiny-staging-ecs-alb | casiny-staging-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| casiny-staging-ecs-alb | casiny-staging-fe-1-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| casiny-staging-ecs-alb | casiny-staging-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| casiny-staging-ecs-alb | casiny-staging-ft-proxy-tg-445 | HTTPS | 445 | instance | HTTPS:/healthcheck |
| casiny-staging-ecs-alb | casiny-staging-graylog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| casiny-staging-ecs-alb | casiny-staging-intglog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| casiny-staging-ecs-alb | casiny-staging-seonproxy-tg-450 | HTTPS | 450 | instance | HTTPS:/healthcheck |
| casiny-staging-ecs-alb | casiny-staging-ws-tg-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| casiny-staging-ecs-internal-alb | casiny-staging-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
| casiny-staging-ecs-internal-alb | casiny-staging-ws-int-6002 | HTTPS | 6002 | instance | HTTPS:/ |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| casiny-staging-allow-http-https | sg-007d450098d111505 |
vpc-077f3dfab31c79b67 | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | Customer=casinymap-migrated=migS0EK6JMBZCEnvironment=staging |
| casiny-staging-allow-local-port-3306 | sg-0e23f52b19171871d |
vpc-077f3dfab31c79b67 | RDS(1) | tcp:3306 | All | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
| casiny-staging-allow-local | sg-09f97e09b7a3001bf |
vpc-077f3dfab31c79b67 | APPLICATION(1), EC2(6), ECS(3) | All | All | No | map-migrated=migS0EK6JMBZCCustomer=casinyEnvironment=staging |
| casiny-staging-allow-ssh | sg-01d0961521942611f |
vpc-077f3dfab31c79b67 | EC2(1) | tcp:22 | All | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=casiny |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
casiny-staging-allow-http-https sg-007d450098d111505 |
Inbound | tcp | 80 | 0.0.0.0/0 |
casiny-staging-allow-http-https sg-007d450098d111505 |
Inbound | tcp | 443 | 0.0.0.0/0 |
casiny-staging-allow-local-port-3306 sg-0e23f52b19171871d |
Inbound | tcp | 3306 | 10.20.3.0/24, 10.20.1.0/24, 10.20.2.38/32, 10.0.2.5/32 |
casiny-staging-allow-local sg-09f97e09b7a3001bf |
Inbound | All | All | 10.20.4.0/24, 10.20.3.0/24, 10.20.2.0/24, 10.20.1.0/24 |
casiny-staging-allow-ssh sg-01d0961521942611f |
Inbound | tcp | 22 | 93.36.220.74/32, 18.132.4.226/32, 84.252.112.3/32, 115.78.100.17/32, 119.93.179.143/32, 92.251.112.229/32, 43.218.68.91/32, 3.108.12.97/32, 38.54.33.217/32, 115.79.29.29/32, 14.161.16.211/32, 118.69.133.85/32 |
casiny-staging-allow-http-https sg-007d450098d111505 |
Outbound | All | All | 0.0.0.0/0 |
casiny-staging-allow-local-port-3306 sg-0e23f52b19171871d |
Outbound | All | All | 0.0.0.0/0 |
casiny-staging-allow-local sg-09f97e09b7a3001bf |
Outbound | All | All | 0.0.0.0/0 |
casiny-staging-allow-ssh sg-01d0961521942611f |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
1
Open Security Groups (0.0.0.0/0)
6
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
7
Unencrypted EBS Volumes
0
Unencrypted RDS
58
SQS Without Encryption
Logging & Monitoring (Section 5.3)
2
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
1
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
58
SQS Without DLQ
ECS Standards (Section 7)
50
Plaintext Env Vars
0
Privileged Containers