🔐 IAM (Global)
IAM Compliance Findings
10
Total IAM Users
10
Users Without MFA
0
Access Keys >90 Days Old
1
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| developers | No | - | - | - |
| github-actions-staging | No | AKIA5DY72EQWXU7UEWWO | Active | 2025-11-13 |
| loco | No | - | - | - |
| razed_staging_cms_nginx_s3_gateway | No | AKIA5DY72EQW7VP5Q5EC | Active | 2025-11-07 |
| razed_staging_devops | No | AKIA5DY72EQW5L4FKD4X | Active | 2025-11-11 |
| razed_staging_ecs_deploy | No | AKIA5DY72EQW7GQKHYAG | Active | 2025-11-07 |
| razed_staging_ecs_deploy | No | AKIA5DY72EQWYO4SN24J | Active | 2025-12-03 |
| razed_staging_infras_watcher | No | - | - | - |
| razed_staging_s3upload | No | AKIA5DY72EQWYXCF5C2B | Active | 2025-11-07 |
| razed_staging_sqs | No | AKIA5DY72EQW5LGV6GPC | Active | 2025-11-07 |
| spintech_bi | No | - | - | - |
Users with AdministratorAccess Policy
| User Name |
|---|
| razed_staging_devops |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-0ccc97038e4f8d76c |
172.31.0.0/16 | available | default | aws:cloudformation:logical-id=VPCaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:901472986157:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40/29a11c00-2bd8-11f0-ad77-0abd917ec8bbaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40 |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet2A | subnet-093835b519b266693 |
vpc-0ccc97038e4f8d76c | 172.31.32.0/20 | eu-west-2b | 4091 | No | Network=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:901472986157:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40/29a11c00-2bd8-11f0-ad77-0abd917ec8bbaws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40 |
| aws-controltower-PrivateSubnet3A | subnet-02f680e2334f5b7c6 |
vpc-0ccc97038e4f8d76c | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40aws:cloudformation:logical-id=PrivateSubnet3ANetwork=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:901472986157:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40/29a11c00-2bd8-11f0-ad77-0abd917ec8bb |
| aws-controltower-PrivateSubnet1A | subnet-0c30dbd16dc50f23a |
vpc-0ccc97038e4f8d76c | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40aws:cloudformation:logical-id=PrivateSubnet1ANetwork=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:901472986157:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40/29a11c00-2bd8-11f0-ad77-0abd917ec8bb |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:901472986157:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-26009c96-15a3-4ac4-b471-4d0c71e2cbc4/af431ee0-2bd7-11f0-bd78-022cb9003d59aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-26009c96-15a3-4ac4-b471-4d0c71e2cbc4 |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-ff5e5a9e-815b-4240-9dec-38b5436dcc40-VPCFlowLogsLogGroup-QKGAblCytGut |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: eu-central-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| razed-staging-vpc | vpc-0d7df2123da5a7903 |
10.0.0.0/16 | available | default | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| cloudnomads-cdk-builder | vpc-0624f02edd21fd500 |
100.64.0.0/28 | available | default | aws:cloudformation:logical-id=CdkBuilderVpcaws:cloudformation:stack-id=arn:aws:cloudformation:eu-central-2:901472986157:stack/cloudnomads-cdk-builder/01b438b0-7e5a-11f0-9bb3-0edf1f35de83aws:cloudformation:stack-name=cloudnomads-cdk-builder |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| razed-staging-public-subnet-2 | subnet-0a1a6992c907d4957 |
vpc-0d7df2123da5a7903 | 10.0.4.0/24 | eu-central-2b | 248 | No | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| razed-staging-public-subnet-1 | subnet-02f22158b9989df3f |
vpc-0d7df2123da5a7903 | 10.0.2.0/24 | eu-central-2a | 240 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed-staging-private-subnet-1 | subnet-0cb9bb41ff5755c84 |
vpc-0d7df2123da5a7903 | 10.0.1.0/24 | eu-central-2a | 230 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed-staging-private-subnet-2 | subnet-0a614484628d2c1b4 |
vpc-0d7df2123da5a7903 | 10.0.3.0/24 | eu-central-2b | 238 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| PubSub | subnet-00195f6944980461f |
vpc-0624f02edd21fd500 | 100.64.0.0/28 | eu-central-2b | 10 | Yes | aws:cloudformation:logical-id=PublicSubnetaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:eu-central-2:901472986157:stack/cloudnomads-cdk-builder/01b438b0-7e5a-11f0-9bb3-0edf1f35de83 |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cloudnomads-cdk-builder | i-0b4f226574f3b9688 |
t3.medium | stopped | - | 100.64.0.11 | vpc-0624f02edd21fd500 | sg-05683880fe8c6a4ae | ami-03eb645dfe0932119 | - | cloudnomads-cdk-builder-CdkBuilderInstanceProfile-Ws6hCZ9ke4PP | 1 | required | aws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:eu-central-2:901472986157:stack/cloudnomads-cdk-builder/01b438b0-7e5a-11f0-9bb3-0edf1f35de83aws:cloudformation:logical-id=CdkBuilderEc2Instance |
| ECS Instance - EC2ContainerService-razed-staging-fe-cms-cdn-websocket-ecs-cluster | i-0148d359fd9cc02bd |
m6i.large | running | - | 10.0.3.45 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02bc0fbabbf6f7602 | razed_staging_April2024 | SSM_EcsInstanceProfile | 1 | required | Customer=razedAmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:id=lt-05e1967a1216af5f3aws:ec2launchtemplate:version=2Environment=stagingaws:autoscaling:groupName=razed-staging-Asg-fe-cms-cdn-websocket-ecs-cluster |
| ECS Instance - EC2ContainerService-razed-staging-bo-agent-ecs-cluster | i-096b4074869468d40 |
m6i.xlarge | running | - | 10.0.3.184 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02bc0fbabbf6f7602 | razed_staging_April2024 | SSM_EcsInstanceProfile | 1 | required | Customer=razedaws:autoscaling:groupName=razed-staging-Asg-bo-agent-ecs-clusteraws:ec2launchtemplate:id=lt-0c2f24625094914cdAmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:version=2Environment=staging |
| razed_staging_bastion_host | i-07e3051a8c9682afb |
t3.small | running | 51.96.185.170 | 10.0.2.33 | vpc-0d7df2123da5a7903 | sg-01d8ffa1fed5d7dde | ami-08b0336c66e876ba6 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| razed_staging_metabase | i-0b58b67de24bcafce |
t3.medium | running | - | 10.0.1.120 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-08b0336c66e876ba6 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed_staging_monitoring | i-090966e7de88de685 |
t3.medium | running | - | 10.0.1.131 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-08b0336c66e876ba6 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed_staging_sharky | i-0ebba9e938fa24bf2 |
t3.small | running | - | 10.0.1.192 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-078daaa37266e6dba | razed_staging_April2024 | SSMInstanceProfile | 1 | optional | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| razed_staging_elk | i-05247e184f909c5f1 |
t3.medium | running | 51.96.101.144 | 10.0.2.211 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-045a6a805f3e99715 | razed_staging_April2024 | SSMInstanceProfile | 1 | optional | Environment=stagingCustomer=razedmap-migrated=migS0EK6JMBZC |
| Temporary-Bitbucket-runner | i-038812087149a4957 |
t3.large | running | - | 10.0.1.88 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-075ba1075ae54f0b1 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | - |
| razed_staging_graylog | i-01df22e9c12d9c3dc |
t3.xlarge | running | 16.62.218.215 | 10.0.2.161 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-0db5099d02da489e0 | razed_staging_April2024 | SSMInstanceProfile | 1 | optional | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed_staging_integration_graylog | i-01b956634228e3f6e |
t3.medium | running | 51.34.90.115 | 10.0.2.160 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-0ea6c18ce3d9ca81b | razed_staging_April2024 | SSMInstanceProfile | 1 | optional | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed-staging-temp-bastion | i-0c76d8ccf08751c4d |
t3.micro | running | 51.96.139.101 | 10.0.2.102 | vpc-0d7df2123da5a7903 | sg-01c3ded66a9761c5a | ami-00d221a569e081b36 | - | - | 1 | optional | Purpose=DB-Migrationmap-migrated=migS0EK6JMBZC |
| ECS Instance - EC2ContainerService-razed-staging-cronjob-ecs-cluster | i-05efa48e2b81801a6 |
t3.xlarge | running | - | 10.0.1.133 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02bc0fbabbf6f7602 | razed_staging_April2024 | SSM_EcsInstanceProfile | 1 | required | aws:ec2launchtemplate:version=2map-migrated=migS0EK6JMBZCEnvironment=stagingaws:ec2launchtemplate:id=lt-0b9993e281f56adc3Customer=razedaws:autoscaling:groupName=razed-staging-Asg-cronjob-ecs-clusterAmazonECSManaged=ECS Cluster managed by Amazon |
| razed_staging_nats_0 | i-0904af9b41a389404 |
t3.small | running | - | 10.0.1.229 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02ff3c8d458668474 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed_staging_nats_1 | i-0b409c1f8c54e4085 |
t3.small | running | - | 10.0.1.66 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02ff3c8d458668474 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed_staging_nats_2 | i-03b36fdf7387acb71 |
t3.small | running | - | 10.0.1.130 | vpc-0d7df2123da5a7903 | sg-06ba57f626738e283 | ami-02ff3c8d458668474 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| razed_staging_elk_volume | vol-0e8d71c93588b2784 |
20 | gp3 | in-use | No | 3000 | i-05247e184f909c5f1 | /dev/sda1 | eu-central-2a | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed_staging_integration_graylog_volume | vol-0998c5a8dced84e77 |
80 | gp3 | in-use | No | 3000 | i-01b956634228e3f6e | /dev/sda1 | eu-central-2a | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| - | vol-0e5ab88b61e59b2c4 |
8 | gp2 | in-use | No | 100 | i-0c76d8ccf08751c4d | /dev/xvda | eu-central-2a | - |
| razed_staging_monitoring_volume | vol-0a5f8f2bc81b276d9 |
80 | gp3 | in-use | No | 3000 | i-090966e7de88de685 | /dev/sda1 | eu-central-2a | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed_staging_metabase_volume | vol-0769fb4cc59c21545 |
50 | gp3 | in-use | No | 3000 | i-0b58b67de24bcafce | /dev/sda1 | eu-central-2a | Environment=stagingCustomer=razedmap-migrated=migS0EK6JMBZC |
| - | vol-0cd7abb5e4bafa8de |
50 | gp3 | in-use | No | 3000 | i-05efa48e2b81801a6 | /dev/xvda | eu-central-2a | - |
| razed_staging_nats_1_volume | vol-013c1c7b0e2b7d277 |
50 | gp3 | in-use | No | 3000 | i-0b409c1f8c54e4085 | /dev/sda1 | eu-central-2a | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| - | vol-07b3c5e9d45a484f8 |
100 | gp3 | in-use | No | 3000 | i-0148d359fd9cc02bd | /dev/xvda | eu-central-2b | - |
| razed_staging_sharky_volume | vol-07673cbf0b4f8d17f |
15 | gp3 | in-use | No | 3000 | i-0ebba9e938fa24bf2 | /dev/sda1 | eu-central-2a | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed_staging_graylog_volume | vol-026ec004aaf30bb4f |
100 | gp3 | in-use | No | 3000 | i-01df22e9c12d9c3dc | /dev/sda1 | eu-central-2a | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| - | vol-05b5ec0b615bc8860 |
50 | gp3 | in-use | No | 3000 | i-0b4f226574f3b9688 | /dev/sda1 | eu-central-2b | - |
| razed_staging_nats_2_volume | vol-056a4f6b32bc67a5e |
50 | gp3 | in-use | No | 3000 | i-03b36fdf7387acb71 | /dev/sda1 | eu-central-2a | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed_staging_nats_0_volume | vol-02b7eb7c2c0d7c30e |
50 | gp3 | in-use | No | 3000 | i-0904af9b41a389404 | /dev/sda1 | eu-central-2a | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| razed_staging_bastion_host_volume | vol-0d9179f6874186adc |
50 | gp3 | in-use | No | 3000 | i-07e3051a8c9682afb | /dev/sda1 | eu-central-2a | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| - | vol-0f52f313881ae8757 |
50 | gp3 | in-use | No | 3000 | i-038812087149a4957 | /dev/sda1 | eu-central-2a | - |
| - | vol-0e08167c3574c768e |
50 | gp3 | in-use | No | 3000 | i-096b4074869468d40 | /dev/xvda | eu-central-2b | - |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| razed-house-games-staging-cluster | ACTIVE | 5 | 0 | 5 | 0 |
| razed-staging-cronjob-ecs-cluster | ACTIVE | 1 | 0 | 1 | 1 |
| razed-staging-fe-cms-cdn-websocket-ecs-cluster | ACTIVE | 6 | 0 | 5 | 1 |
| razed-staging-callback-fargate-ecs-cluster | ACTIVE | 2 | 0 | 2 | 0 |
| razed-staging-bo-agent-ecs-cluster | ACTIVE | 1 | 0 | 1 | 1 |
| razed-staging-queue-worker-fargate-ecs-cluster | ACTIVE | 2 | 0 | 2 | 0 |
| razed-staging-api-fargate-ecs-cluster | ACTIVE | 1 | 0 | 1 | 0 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| razed-staging-callback-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-callback-task-definitions:170 | 2 target groups | sg-06ba57f626738e283 |
| razed-staging-golang-callback-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-golang-callback-task-definitions:10 | 2 target groups | sg-06ba57f626738e283 |
| razed-staging-bo-service | ACTIVE | 1 | 1 | EC2 | razed-staging-bo-task-definitions:171 | 1 target groups | |
| razed-house-games-staging-service | ACTIVE | 1 | 1 | FARGATE | razed-house-games-staging-main:4 | 1 target groups | sg-02e1ac2b9a0e913d6 |
| razed-house-games-staging-common-svc | ACTIVE | 1 | 1 | FARGATE | razed-house-games-staging-common:2 | 1 target groups | sg-02e1ac2b9a0e913d6 |
| razed-house-games-staging-redis-svc | ACTIVE | 1 | 1 | FARGATE | razed-house-games-staging-redis:6 | 0 target groups | sg-02e1ac2b9a0e913d6 |
| razed-house-games-staging-plinko-svc | ACTIVE | 1 | 1 | FARGATE | razed-house-games-staging-plinko:5 | 1 target groups | sg-02e1ac2b9a0e913d6 |
| razed-house-games-staging-blackjack-svc | ACTIVE | 1 | 1 | FARGATE | razed-house-games-staging-blackjack:9 | 1 target groups | sg-02e1ac2b9a0e913d6 |
| razed-staging-cms-service | ACTIVE | 1 | 1 | EC2 | razed-staging-cms-task-definitions:3 | 2 target groups | |
| razed-staging-websocket-services | ACTIVE | 1 | 1 | EC2 | razed-staging-websocket-task-definitions:2 | 2 target groups | |
| razed-staging-new-fe-service | ACTIVE | 2 | 2 | EC2 | razed-staging-new-fe-task-definitions:2 | 1 target groups | |
| razed-staging-cdn-cms-service | ACTIVE | 1 | 1 | EC2 | razed-staging-cdn-cms-task-definitions:2 | 1 target groups | |
| razed-staging-fe-service | ACTIVE | 1 | 1 | EC2 | razed-staging-fe-task-definitions:118 | 1 target groups | |
| razed-staging-cronjob-service | ACTIVE | 1 | 1 | EC2 | razed-staging-cronjob-task-definitions:169 | 0 target groups | |
| razed-staging-api-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-api-task-definitions:172 | 1 target groups | sg-06ba57f626738e283 |
| razed-staging-queue-worker-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-queue-worker-task-definitions:168 | 0 target groups | sg-06ba57f626738e283 |
| razed-staging-golang-queue-consumer-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-golang-queue-consumer-task-definitions:9 | 0 target groups | sg-06ba57f626738e283 |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| razed-house-games-staging-blackjack | 9 | 2048 | 4096 | 3 | Yes | No | 19 | 17 | awslogs:/ecs/razed-house-games-staging |
| razed-house-games-staging-common | 2 | 2048 | 4096 | 2 | Yes | No | 0 | 10 | awslogs:/ecs/razed-house-games-staging |
| razed-house-games-staging-main | 4 | 1024 | 3072 | 1 | Yes | No | 0 | 19 | awslogs:/ecs/razed-house-games-staging |
| razed-house-games-staging-plinko | 5 | 2048 | 4096 | 2 | Yes | No | 4 | 16 | awslogs:/ecs/razed-house-games-staging |
| razed-house-games-staging-redis | 6 | 256 | 512 | 1 | Yes | No | 0 | 0 | awslogs:/ecs/razed-house-games-staging |
| razed-staging-api-task-definitions | 172 | 4096 | 8192 | 3 | Yes | No | 17 | 0 | No logs, awslogs:/ecs/razed-staging-api |
| razed-staging-bo-task-definitions | 171 | - | - | 3 | No | No | 17 | 0 | No logs |
| razed-staging-callback-task-definitions | 170 | 2048 | 4096 | 3 | Yes | No | 17 | 0 | No logs, awslogs:/ecs/razed-staging-callback |
| razed-staging-cdn-cms-task-definitions | 2 | - | - | 1 | No | No | 0 | 0 | json-file |
| razed-staging-cms-task-definitions | 3 | - | - | 2 | No | No | 3 | 0 | No logs, json-file |
| razed-staging-cronjob-task-definitions | 169 | - | - | 3 | No | No | 11 | 0 | No logs |
| razed-staging-fe-task-definitions | 118 | - | - | 2 | No | No | 1 | 0 | No logs, json-file |
| razed-staging-golang-callback-task-definitions | 10 | 4096 | 8192 | 2 | Yes | No | 4 | 0 | No logs, firelens:unknown |
| razed-staging-golang-queue-consumer-task-definitions | 9 | 2048 | 4096 | 2 | Yes | No | 4 | 0 | No logs, firelens:unknown |
| razed-staging-new-fe-task-definitions | 2 | - | - | 2 | No | No | 1 | 0 | No logs, json-file |
| razed-staging-queue-worker-task-definitions | 168 | 4096 | 16384 | 3 | Yes | No | 11 | 0 | No logs |
| razed-staging-websocket-task-definitions | 2 | - | - | 2 | No | No | 0 | 0 | json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| razed-house-games-staging-blackjack:9 | datadog-agent | public.ecr.aws/datadog/agent:latest | awslogs:/ecs/razed-house-games-stag... | DD_APM_NON_LOCAL_TRAFFICDD_SITEECS_FARGATEDD_APM_ENABLEDDD_LOGS_ENABLEDDD_LOGS_CONFIG_CONTAINER_COLLECT_ALLDD_DOGSTATSD_NON_LOCAL_TRAFFIC | DD_API_KEY |
| razed-house-games-staging-blackjack:9 | razed-house-games-staging-blackjack | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-blackjack:880c7408291cb0a6577441be7caa7baf650c69b7 | awslogs:/ecs/razed-house-games-stag... | REDIS_HOSTDD_TRACE_SAMPLE_RATEREDIS_PORTDD_AGENT_HOSTDD_VERSIONDD_RUNTIME_METRICS_ENABLEDCOMMON_MS_HOSTDD_TRACE_ENABLEDDD_SERVICEDD_LOGS_INJECTIONDD_ENVCOMMON_MS_PORT | POSTGRES_USERPOSTGRES_PASSWORDPOSTGRES_PORTPOSTGRES_DBPOSTGRES_HOSTTERRAGON_URLTERRAGON_API_KEYPRIVATE_JWT_SECRETKENO_GAME_IDMINES_GAME_IDDICES_GAME_IDPLINKO_GAME_IDWHEEL_GAME_IDLIMBO_GAME_IDBLACKJACK_GAME_IDNODE_EXTRA_CA_CERTS |
| razed-house-games-staging-blackjack:9 | razed-house-games-staging-blackjack-nginx | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-blackjack-nginx:880c7408291cb0a6577441be7caa7baf650c69b7 | awslogs:/ecs/razed-house-games-stag... | None | - |
| razed-house-games-staging-common:2 | razed-house-games-staging-common | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-common:adc5e0e17199a015f12168ce79bdc5e26e8d1dbc | awslogs:/ecs/razed-house-games-stag... | None | POSTGRES_USERPOSTGRES_HOSTPOSTGRES_PASSWORDPOSTGRES_DBPOSTGRES_PORTREDIS_HOSTREDIS_PORTTERRAGON_API_KEYTERRAGON_URLPRIVATE_JWT_SECRET |
| razed-house-games-staging-common:2 | razed-house-games-staging-common-nginx | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-common-nginx:latest | awslogs:/ecs/razed-house-games-stag... | None | - |
| razed-house-games-staging-main:4 | razed-house-games-staging-main | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-main:3de68d6097abe78a6839a3fbf227e54013e5a1fb | awslogs:/ecs/razed-house-games-stag... | None | POSTGRES_USERPOSTGRES_HOSTPOSTGRES_PASSWORDPOSTGRES_DBPOSTGRES_PORTREDIS_HOSTREDIS_PORTKENO_GAME_IDBLACKJACK_GAME_IDBOXES_GAME_IDMINES_GAME_IDDICES_GAME_IDPLINKO_GAME_IDWHEEL_GAME_IDLIMBO_GAME_IDNODE_EXTRA_CA_CERTSTERRAGON_API_KEYTERRAGON_URLPRIVATE_JWT_SECRET |
| razed-house-games-staging-plinko:5 | razed-house-games-staging-plinko | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-plinko:latest | awslogs:/ecs/razed-house-games-stag... | COMMON_MS_HOSTREDIS_HOSTREDIS_PORTCOMMON_MS_PORT | POSTGRES_USERPOSTGRES_PASSWORDPOSTGRES_PORTPOSTGRES_DBPOSTGRES_HOSTTERRAGON_URLTERRAGON_API_KEYPRIVATE_JWT_SECRETKENO_GAME_IDMINES_GAME_IDDICES_GAME_IDPLINKO_GAME_IDWHEEL_GAME_IDLIMBO_GAME_IDBOXES_GAME_IDNODE_EXTRA_CA_CERTS |
| razed-house-games-staging-plinko:5 | razed-house-games-staging-plinko-nginx | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-house-games-plinko-nginx:latest | awslogs:/ecs/razed-house-games-stag... | None | - |
| razed-house-games-staging-redis:6 | redis | redis:latest | awslogs:/ecs/razed-house-games-stag... | None | - |
| razed-staging-api-task-definitions:172 | terragon-api | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-api:52f169b-1888-release-razed-3.12.0 | awslogs:/ecs/razed-staging-api | SERVER_PORTSERVICE_NAMEBLACKFIRE_LOG_FILECADDY_SERVER_WORKER_COUNTBLACKFIRE_CLIENT_TOKENBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELSERVER_NAMEBLACKFIRE_SERVER_TOKENFRANKENPHP_WORKER_PATHPROMETHEUS_BCRYPT_PASSWORDBLACKFIRE_CLIENT_ID | - |
| razed-staging-api-task-definitions:172 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-api-task-definitions:172 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-bo-task-definitions:171 | terragon-bo | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-bo:52f169b-1888-release-razed-3.12.0 | No logs | SERVER_PORTSERVICE_NAMEBLACKFIRE_LOG_FILECADDY_SERVER_WORKER_COUNTBLACKFIRE_CLIENT_TOKENBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELSERVER_NAMEBLACKFIRE_SERVER_TOKENFRANKENPHP_WORKER_PATHPROMETHEUS_BCRYPT_PASSWORDBLACKFIRE_CLIENT_ID | - |
| razed-staging-bo-task-definitions:171 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-bo-task-definitions:171 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-callback-task-definitions:170 | terragon-callback | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-callback:52f169b-1888-release-razed-3.12.0 | awslogs:/ecs/razed-staging-callback | SERVER_PORTSERVICE_NAMEBLACKFIRE_LOG_FILECADDY_SERVER_WORKER_COUNTBLACKFIRE_CLIENT_TOKENBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELSERVER_NAMEBLACKFIRE_SERVER_TOKENFRANKENPHP_WORKER_PATHPROMETHEUS_BCRYPT_PASSWORDBLACKFIRE_CLIENT_ID | - |
| razed-staging-callback-task-definitions:170 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-callback-task-definitions:170 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-cdn-cms-task-definitions:2 | nginx-s3-gateway | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-nginx-base:s3-gateway-1.0 | json-file | None | - |
| razed-staging-cms-task-definitions:3 | nginx-cms | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-nginx-base:3.0 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| razed-staging-cms-task-definitions:3 | terragon-cms | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-cms:4e46658-73-devops-deploy-staging-new-aws | No logs | TERRAGON_NEWRELIC_LICENSE_KEYTERRAGON_SERVICE_NAME | - |
| razed-staging-cronjob-task-definitions:169 | cronjob | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-cronjob:52f169b-1888-release-razed-3.12.0 | No logs | BLACKFIRE_CLIENT_TOKENBLACKFIRE_LOG_FILEBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELBLACKFIRE_SERVER_TOKENBLACKFIRE_CLIENT_ID | - |
| razed-staging-cronjob-task-definitions:169 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-cronjob-task-definitions:169 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-fe-task-definitions:118 | nginx-fe | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-nginx-base:3.0 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| razed-staging-fe-task-definitions:118 | app | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-fe:6d1328b-21024639648-release-3.12.0 | No logs | None | - |
| razed-staging-golang-callback-task-definitions:10 | terragon-golang-callback | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-golang-callback:b25a896-17-release-razed-3.11 | firelens:unknown | None | - |
| razed-staging-golang-callback-task-definitions:10 | fluent-bit | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-fluent-bit:output-graylog | No logs | APP_CONTAINER_NAMELOG_GROUP_NAMEGRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-golang-queue-consumer-task-definitions:9 | terragon-golang-queue-consumer | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-golang-queue-consumer:b25a896-17-release-razed-3.11 | firelens:unknown | None | - |
| razed-staging-golang-queue-consumer-task-definitions:9 | fluent-bit | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-fluent-bit:output-graylog | No logs | APP_CONTAINER_NAMELOG_GROUP_NAMEGRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-new-fe-task-definitions:2 | nginx-fe | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-nginx-base:3.0 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| razed-staging-new-fe-task-definitions:2 | app | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/new-razed-staging-fe:d17c0f2-20456824238-devops-deploy-fe-staging-multi-region | No logs | None | - |
| razed-staging-queue-worker-task-definitions:168 | queue-worker | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-queue-worker:52f169b-1888-release-razed-3.12.0 | No logs | BLACKFIRE_CLIENT_TOKENBLACKFIRE_LOG_FILEBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELBLACKFIRE_SERVER_TOKENBLACKFIRE_CLIENT_ID | - |
| razed-staging-queue-worker-task-definitions:168 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-queue-worker-task-definitions:168 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-websocket-task-definitions:2 | nginx-websocket | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-nginx-base:3.0 | json-file | None | - |
| razed-staging-websocket-task-definitions:2 | app | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-soketi:1.6-16-debian | json-file | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| razed-house-games-staging-db | postgres 15.12 | db.t3.medium | available | 100 GiB | Yes | No | No | 7d | No | app=house-gamesmap-migrated=migS0EK6JMBZCenvironment=staginglocation=zurichbrand=razedName=razed-house-games-staging-db |
| razed-staging-aurora-primary-cluster-instance-0 | aurora-mysql 8.0.mysql_aurora.3.10.0 | db.r6g.large | available | 1 GiB | Yes | No | No | 7d | No | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
SQS Queues
Total Queues: 64
Without Encryption: 64
Without DLQ: 64
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| accumulate_bonus_programs.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| accumulate_bonus_programs_ref | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| accumulate_bonus_programs_referral | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| accumulate_bonus_programs_settle | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| accumulate_bonus_programs_summary | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| ad_checks | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| assign_new_game_to_bonus | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| assign_new_game_to_game_segment | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| assign_new_game_to_game_tag | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| audit_logs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| automatic_withdrawal | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| betting_limit | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| bonuses | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| broadcast | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| broadcast_balance | Standard | No | No | 300s | 183 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| campaign_message | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| cash_drops | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| casino_bet_detail | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| challenges | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| compliance_actions | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| compliances.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| crm | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| crm_high | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| default | Standard | No | No | 300s | 2 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| emails | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| export | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| forward_game_log_processed | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| forward_player_wr_processed | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| game_log_locks | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| game_logs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| game_logs.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| golang_test | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| golang_test.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| import_batches | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| loyalty_programs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| notifications | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| payment_integration_logs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| player_activities | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| player_flagged_computing | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| player_tips | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| player_transactional_summary | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| player_vip | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| post_wagered_bonus_programs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| prune_open_bets | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| quests | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| raffles | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| rebate_programs | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| recent_games | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| referral_plans | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| risk_fraud | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| segments | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| segments.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| segments_computing.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| sms | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| sportbook_bet_detail | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| spotlight-search | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| sync_game_to_ec | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| telescope | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| tournaments | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| tournaments.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| trigger_scheduled_programs | Standard | No | No | 3000s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| wagering_requirements | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| webhook_call | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
Secrets Manager
Total Secrets: 2
Without Rotation: 2
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| razed-staging-rds-admin-password | - | secretsmanager |
Disabled | - | 2026-01-14 | map-migrated=migS0EK6JMBZC |
| razed-staging-redshift-admin-password | - | secretsmanager |
Disabled | - | 2026-01-14 | map-migrated=migS0EK6JMBZC |
CloudWatch Log Groups
Total Log Groups: 14
Without Retention Policy: 5
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/ecs/containerinsights/razed-house-games-staging-cluster/performance |
1 | 9.59 MB |
/aws/rds/cluster/razed-staging-primary-cluster/error |
Never Expire | 53.26 MB |
/aws/rds/instance/razed-house-games-staging-db/postgresql |
Never Expire | 6.24 MB |
/aws/rds/instance/razed-staging-db-master/error |
Never Expire | 2.96 KB |
/ecs/razed-house-games-staging |
30 | 110.54 MB |
/ecs/razed-staging-api |
365 | 220.43 KB |
/ecs/razed-staging-callback |
365 | 186.3 KB |
/ecs/razed-staging-golang-callback |
365 | 92.24 MB |
RDSOSMetrics |
30 | 70.81 MB |
dms-tasks-migrations-replication-instance |
Never Expire | 509.48 KB |
firelens-container |
Never Expire | 7.73 KB |
razed-staging-backend-redis-slowlog |
365 | 84.17 KB |
razed-staging-broadcast-balance-slowlog |
365 | 42.28 KB |
razed-staging-websocket-valkey-slowlog |
365 | 2.02 KB |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| razed-staging-ecs-internal-alb | APPLICATION | internal | active | internal-razed-staging-ecs-internal-alb-269192340.eu-central-2.elb.amazonaws.com | vpc-0d7df2123da5a7903 | 2 | HTTPS:443, HTTP:80 | 4 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| razed-staging-public-alb | APPLICATION | internet-facing | active | razed-staging-public-alb-1212457276.eu-central-2.elb.amazonaws.com | vpc-0d7df2123da5a7903 | 2 | HTTPS:443, HTTP:80 | 12 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| razed-house-games-staging-alb | APPLICATION | internet-facing | active | razed-house-games-staging-alb-651047958.eu-central-2.elb.amazonaws.com | vpc-0d7df2123da5a7903 | 2 | HTTP:80, HTTPS:443 | 4 | app=house-gamesmap-migrated=migS0EK6JMBZCenvironment=staginglocation=zurichbrand=razed |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| razed-staging-ecs-internal-alb | razed-staging-callbck-int-442 | HTTPS | 442 | ip | HTTPS:/player/api/v1/ping |
| razed-staging-ecs-internal-alb | razed-staging-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
| razed-staging-ecs-internal-alb | razed-staging-golcalbk-int-9442 | HTTP | 9442 | ip | HTTP:/api/v2/callback/game-service/ping |
| razed-staging-ecs-internal-alb | razed-staging-ws-int-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| razed-staging-public-alb | razed-staging-api-tg-441 | HTTPS | 441 | ip | HTTPS:/robots.txt |
| razed-staging-public-alb | razed-staging-bo-tg-440 | HTTPS | 440 | instance | HTTPS:/player/api/v1/ping |
| razed-staging-public-alb | razed-staging-callbck-tg-442 | HTTPS | 442 | ip | HTTPS:/player/api/v1/ping |
| razed-staging-public-alb | razed-staging-cdn-cms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| razed-staging-public-alb | razed-staging-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| razed-staging-public-alb | razed-staging-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| razed-staging-public-alb | razed-staging-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| razed-staging-public-alb | razed-staging-golcalbk-9442 | HTTP | 9442 | ip | HTTP:/api/v2/callback/game-service/ping |
| razed-staging-public-alb | razed-staging-graylog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| razed-staging-public-alb | razed-staging-intglog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| razed-staging-public-alb | razed-staging-new-fe-tg443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| razed-staging-public-alb | razed-staging-ws-tg-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| razed-house-games-staging-alb | razed-hg-staging-blackjack-tg | HTTP | 80 | ip | HTTP:/api/blackjack/health |
| razed-house-games-staging-alb | razed-hg-staging-common-tg | HTTP | 80 | ip | HTTP:/health |
| razed-house-games-staging-alb | razed-hg-staging-plinko-tg | HTTP | 80 | ip | HTTP:/api/plinko/health |
| razed-house-games-staging-alb | razed-house-games-staging-tg | HTTP | 80 | ip | HTTP:/health |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| razed-house-games-staging-ecs-tasks | sg-02e1ac2b9a0e913d6 |
vpc-0d7df2123da5a7903 | ECS(5) | tcp:3000-3010, tcp:4000, tcp:6379, tcp:80 | All | No | location=zurichbrand=razedenvironment=stagingapp=house-gamesmap-migrated=migS0EK6JMBZC |
| razed-staging-temp-bastion | sg-01c3ded66a9761c5a |
vpc-0d7df2123da5a7903 | EC2(1) | tcp:22 | All | No | - |
| cloudnomads-cdk-builder | sg-05683880fe8c6a4ae |
vpc-0624f02edd21fd500 | EC2(1) | tcp:3389 | All | No | aws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:eu-central-2:901472986157:stack/cloudnomads-cdk-builder/01b438b0-7e5a-11f0-9bb3-0edf1f35de83aws:cloudformation:logical-id=CdkBuilderSg |
| razed-staging-allow-local | sg-06ba57f626738e283 |
vpc-0d7df2123da5a7903 | APPLICATION(1), EC2(13), ECS(5) | All, tcp:0-65535, tcp:5439 | All | No | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed-staging-allow-http-https | sg-0cd72230e0c34bd38 |
vpc-0d7df2123da5a7903 | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | Environment=stagingCustomer=razedmap-migrated=migS0EK6JMBZC |
| razed-staging-allow-local-port-3306 | sg-07a3c4c6897a61438 |
vpc-0d7df2123da5a7903 | RDS(1) | tcp:0-65535, tcp:3306 | All | No | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed-staging-allow-ssh | sg-01d8ffa1fed5d7dde |
vpc-0d7df2123da5a7903 | EC2(1) | tcp:22 | All | No | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
| razed-house-games-staging-alb | sg-05b113e57fa9f8501 |
vpc-0d7df2123da5a7903 | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | environment=staginglocation=zurichbrand=razedmap-migrated=migS0EK6JMBZCapp=house-games |
| razed-house-games-staging-rds | sg-081ffb341490a3599 |
vpc-0d7df2123da5a7903 | RDS(1) | tcp:5432 | None | No | brand=razedapp=house-gamesmap-migrated=migS0EK6JMBZCenvironment=staginglocation=zurich |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
razed-house-games-staging-ecs-tasks sg-02e1ac2b9a0e913d6 |
Inbound | tcp | 80 | 10.0.0.0/16 |
razed-house-games-staging-ecs-tasks sg-02e1ac2b9a0e913d6 |
Inbound | tcp | 6379 | 10.0.0.0/16 |
razed-house-games-staging-ecs-tasks sg-02e1ac2b9a0e913d6 |
Inbound | tcp | 4000 | 10.0.0.0/16 |
razed-house-games-staging-ecs-tasks sg-02e1ac2b9a0e913d6 |
Inbound | tcp | 3000-3010 | 10.0.0.0/16 |
razed-staging-temp-bastion sg-01c3ded66a9761c5a |
Inbound | tcp | 22 | 143.105.174.64/32 |
cloudnomads-cdk-builder sg-05683880fe8c6a4ae |
Inbound | tcp | 3389 | 84.254.23.220/32 |
razed-staging-allow-local sg-06ba57f626738e283 |
Inbound | tcp | 5439 | 11.0.0.0/16, 172.20.0.0/16 |
razed-staging-allow-local sg-06ba57f626738e283 |
Inbound | tcp | 0-65535 | sg: sg-06ba57f626738e283 |
razed-staging-allow-local sg-06ba57f626738e283 |
Inbound | All | All | 10.0.3.0/24, 10.0.4.0/24, 10.0.2.0/24, 10.0.1.0/24 |
razed-staging-allow-http-https sg-0cd72230e0c34bd38 |
Inbound | tcp | 80 | 0.0.0.0/0 |
razed-staging-allow-http-https sg-0cd72230e0c34bd38 |
Inbound | tcp | 443 | 0.0.0.0/0 |
razed-staging-allow-local-port-3306 sg-07a3c4c6897a61438 |
Inbound | tcp | 0-65535 | sg: sg-07a3c4c6897a61438 |
razed-staging-allow-local-port-3306 sg-07a3c4c6897a61438 |
Inbound | tcp | 3306 | 10.0.3.0/24, 10.0.1.0/24, 11.0.0.0/16, 10.0.2.33/32, 172.20.0.0/16 |
razed-staging-allow-ssh sg-01d8ffa1fed5d7dde |
Inbound | tcp | 22 | 14.161.16.211/32, 115.79.29.29/32, 115.78.100.17/32, 119.93.179.143/32, 18.185.233.97/32, 118.69.133.85/32 |
razed-house-games-staging-alb sg-05b113e57fa9f8501 |
Inbound | tcp | 80 | 0.0.0.0/0 |
razed-house-games-staging-alb sg-05b113e57fa9f8501 |
Inbound | tcp | 443 | 0.0.0.0/0 |
razed-house-games-staging-rds sg-081ffb341490a3599 |
Inbound | tcp | 5432 | sg: sg-02e1ac2b9a0e913d6, sg: sg-01c3ded66a9761c5a |
razed-house-games-staging-ecs-tasks sg-02e1ac2b9a0e913d6 |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-temp-bastion sg-01c3ded66a9761c5a |
Outbound | All | All | 0.0.0.0/0 |
cloudnomads-cdk-builder sg-05683880fe8c6a4ae |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-local sg-06ba57f626738e283 |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-http-https sg-0cd72230e0c34bd38 |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-local-port-3306 sg-07a3c4c6897a61438 |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-ssh sg-01d8ffa1fed5d7dde |
Outbound | All | All | 0.0.0.0/0 |
razed-house-games-staging-alb sg-05b113e57fa9f8501 |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
2
Open Security Groups (0.0.0.0/0)
5
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
16
Unencrypted EBS Volumes
0
Unencrypted RDS
64
SQS Without Encryption
Logging & Monitoring (Section 5.3)
5
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
2
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
64
SQS Without DLQ
ECS Standards (Section 7)
109
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-east-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| razed-staging-vpc | vpc-0ad53447db4dd7c5a |
172.20.0.0/16 | available | default | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| razed-staging-public-subnet-2 | subnet-0c3f64bfdd43d2c03 |
vpc-0ad53447db4dd7c5a | 172.20.4.0/24 | ap-east-1b | 249 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed-staging-private-subnet-1 | subnet-06eee201dd4967ab9 |
vpc-0ad53447db4dd7c5a | 172.20.1.0/24 | ap-east-1a | 248 | No | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| razed-staging-private-subnet-2 | subnet-02a65ca4213f3d00b |
vpc-0ad53447db4dd7c5a | 172.20.3.0/24 | ap-east-1b | 249 | No | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| razed-staging-public-subnet-1 | subnet-0f2693711355c8128 |
vpc-0ad53447db4dd7c5a | 172.20.2.0/24 | ap-east-1a | 247 | No | Environment=stagingCustomer=razedmap-migrated=migS0EK6JMBZC |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| razed_staging_bastion_host | i-02750d18ce1752867 |
t3.medium | stopped | 95.40.135.44 | 172.20.2.133 | vpc-0ad53447db4dd7c5a | sg-05cd3dc31913af2ad | ami-0d6e1a2f8241fb073 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed_staging_test-peering-connection | i-0d5ce56f2b7087746 |
t3.medium | running | - | 172.20.1.252 | vpc-0ad53447db4dd7c5a | sg-07d727ab4a4cdc5fe | ami-0d6e1a2f8241fb073 | razed_staging_April2024 | SSMInstanceProfile | 1 | required | Environment=stagingCustomer=razedmap-migrated=migS0EK6JMBZC |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| razed_staging_bastion_host_volume | vol-0b541dc84d0b7a2f2 |
50 | gp3 | in-use | No | 3000 | i-02750d18ce1752867 | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=razed |
| razed_staging_test-peering-connection_volume | vol-0f864a33fa600c2d2 |
50 | gp3 | in-use | No | 3000 | i-0d5ce56f2b7087746 | /dev/sda1 | ap-east-1a | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| razed-staging-cronjob-ecs-cluster | ACTIVE | 0 | 0 | 0 | 0 |
| razed-staging-api-fargate-ecs-cluster | ACTIVE | 1 | 0 | 1 | 0 |
| razed-staging-fe-cms-cdn-websocket-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| razed-staging-bo-agent-ecs-cluster | ACTIVE | 0 | 0 | 0 | 0 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| razed-staging-fe-service | ACTIVE | 1 | 0 | EC2 | razed-staging-fe-task-definitions:1 | 1 target groups | |
| razed-staging-api-service | ACTIVE | 1 | 1 | FARGATE | razed-staging-api-task-definitions:6 | 1 target groups | sg-07d727ab4a4cdc5fe |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| razed-staging-api-task-definitions | 6 | 4096 | 8192 | 3 | Yes | No | 17 | 0 | No logs, awslogs:/ecs/razed-staging-api |
| razed-staging-fe-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| razed-staging-api-task-definitions:6 | terragon-api | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-api:24a8fe1-1790-devops-test-deploy-to-hk-region | awslogs:/ecs/razed-staging-api | SERVER_PORTSERVICE_NAMEBLACKFIRE_LOG_FILECADDY_SERVER_WORKER_COUNTBLACKFIRE_CLIENT_TOKENBLACKFIRE_SERVER_IDBLACKFIRE_LOG_LEVELSERVER_NAMEBLACKFIRE_SERVER_TOKENFRANKENPHP_WORKER_PATHPROMETHEUS_BCRYPT_PASSWORDBLACKFIRE_CLIENT_ID | - |
| razed-staging-api-task-definitions:6 | filebeat | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:3.0-addfield | No logs | GRAYLOG_HOSTFILEBEAT_CONTAINER_NAMEGRAYLOG_LISTEN_PORT | - |
| razed-staging-api-task-definitions:6 | filebeat-integration | 901472986157.dkr.ecr.eu-central-2.amazonaws.com/razed-staging-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| razed-staging-fe-task-definitions:1 | nginx-fe | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:fe-3.0 | No logs | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| razed-staging-global-instance-hongkong | aurora-mysql 8.0.mysql_aurora.3.10.0 | db.r6g.large | available | 1 GiB | Yes | No | No | 1d | No | - |
CloudWatch Log Groups
Total Log Groups: 3
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/ecs/razed-staging-api |
365 | 0 B |
RDSOSMetrics |
30 | 62.15 MB |
razed-staging-backend-redis-slowlog |
365 | 0 B |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| razed-staging-public-alb | APPLICATION | internet-facing | active | razed-staging-public-alb-738381656.ap-east-1.elb.amazonaws.com | vpc-0ad53447db4dd7c5a | 2 | HTTPS:443, HTTP:80 | 2 | map-migrated=migS0EK6JMBZCCustomer=razedEnvironment=staging |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| razed-staging-public-alb | razed-staging-api-tg-441 | HTTPS | 441 | ip | HTTPS:/robots.txt |
| razed-staging-public-alb | razed-staging-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| razed-staging-allow-local-port-3306 | sg-043bb3be3960ba9cd |
vpc-0ad53447db4dd7c5a | RDS(1) | tcp:0-65535, tcp:3306 | All | No | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=razed |
| razed-staging-allow-ssh | sg-05cd3dc31913af2ad |
vpc-0ad53447db4dd7c5a | EC2(1) | tcp:22 | All | No | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
| razed-staging-allow-http-https | sg-02ec7d18243647be6 |
vpc-0ad53447db4dd7c5a | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | Customer=razedEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| razed-staging-allow-local | sg-07d727ab4a4cdc5fe |
vpc-0ad53447db4dd7c5a | EC2(1), ECS(1) | All, tcp:0-65535, tcp:5439 | All | No | Customer=razedmap-migrated=migS0EK6JMBZCEnvironment=staging |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
razed-staging-allow-local-port-3306 sg-043bb3be3960ba9cd |
Inbound | tcp | 0-65535 | sg: sg-043bb3be3960ba9cd |
razed-staging-allow-local-port-3306 sg-043bb3be3960ba9cd |
Inbound | tcp | 3306 | 172.20.1.0/24, 172.20.3.0/24, 10.0.2.33/32, 11.0.0.0/16, 10.0.0.0/16 |
razed-staging-allow-ssh sg-05cd3dc31913af2ad |
Inbound | tcp | 22 | 18.185.233.97/32, 14.161.16.211/32, 115.79.29.29/32, 115.78.100.17/32, 119.93.179.143/32 |
razed-staging-allow-http-https sg-02ec7d18243647be6 |
Inbound | tcp | 80 | 0.0.0.0/0 |
razed-staging-allow-http-https sg-02ec7d18243647be6 |
Inbound | tcp | 443 | 0.0.0.0/0 |
razed-staging-allow-local sg-07d727ab4a4cdc5fe |
Inbound | tcp | 5439 | 11.0.0.0/16 |
razed-staging-allow-local sg-07d727ab4a4cdc5fe |
Inbound | tcp | 0-65535 | sg: sg-07d727ab4a4cdc5fe |
razed-staging-allow-local sg-07d727ab4a4cdc5fe |
Inbound | All | All | 172.20.3.0/24, 172.20.4.0/24, 172.20.1.0/24, 172.20.2.0/24 |
razed-staging-allow-local-port-3306 sg-043bb3be3960ba9cd |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-ssh sg-05cd3dc31913af2ad |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-http-https sg-02ec7d18243647be6 |
Outbound | All | All | 0.0.0.0/0 |
razed-staging-allow-local sg-07d727ab4a4cdc5fe |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
1
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
2
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
1
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
17
Plaintext Env Vars
0
Privileged Containers