🔐 IAM (Global)
IAM Compliance Findings
5
Total IAM Users
5
Users Without MFA
0
Access Keys >90 Days Old
1
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| devops | No | AKIAUV7Y35H2LGMNZM6C | Active | 2025-11-03 |
| devops | No | AKIAUV7Y35H2JD2WXK4S | Active | 2026-01-08 |
| spinbet_dev_cms_nginx_s3_gateway | No | - | - | - |
| spinbet_dev_ecs_deploy | No | - | - | - |
| spinbet_dev_s3upload | No | - | - | - |
| spinbet_dev_sqs | No | - | - | - |
Users with AdministratorAccess Policy
| User Name |
|---|
| devops |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-0d7811b28f5b788b5 |
172.31.0.0/16 | available | default | aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93aws:cloudformation:logical-id=VPCaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:322107599348:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93/374723c0-2abd-11f0-b0f9-02104a2fc6b1 |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet2A | subnet-06db6b573eb158ad2 |
vpc-0d7811b28f5b788b5 | 172.31.32.0/20 | eu-west-2b | 4091 | No | Network=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:322107599348:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93/374723c0-2abd-11f0-b0f9-02104a2fc6b1aws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93 |
| aws-controltower-PrivateSubnet1A | subnet-0207cbce3c6f02a1d |
vpc-0d7811b28f5b788b5 | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:322107599348:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93/374723c0-2abd-11f0-b0f9-02104a2fc6b1Network=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93aws:cloudformation:logical-id=PrivateSubnet1A |
| aws-controltower-PrivateSubnet3A | subnet-038cb73595af2fabd |
vpc-0d7811b28f5b788b5 | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:logical-id=PrivateSubnet3Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93Network=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:322107599348:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93/374723c0-2abd-11f0-b0f9-02104a2fc6b1 |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:322107599348:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-28fc9da2-e47b-402f-8683-4f14db4a5de4/bcea5f20-2abc-11f0-9ea8-06f0458382a9aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-28fc9da2-e47b-402f-8683-4f14db4a5de4 |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-1a2756f0-abad-4e82-abdd-e9cac2569c93-VPCFlowLogsLogGroup-8F3hGTkqsXB8 |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: eu-central-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| spinbet-dev-vpc | vpc-01cb89980745c1320 |
172.20.0.0/16 | available | default | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-dev-public-subnet-1 | subnet-0a7d1e8c8ea4ed5db |
vpc-01cb89980745c1320 | 172.20.2.0/24 | eu-central-1a | 245 | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=dev |
| spinbet-dev-private-subnet-1 | subnet-0d6661f55fd5132fb |
vpc-01cb89980745c1320 | 172.20.1.0/24 | eu-central-1a | 246 | No | Customer=spinbetEnvironment=devmap-migrated=migS0EK6JMBZC |
| spinbet-dev-public-subnet-2 | subnet-007065850b4083f0c |
vpc-01cb89980745c1320 | 172.20.4.0/24 | eu-central-1b | 250 | No | Environment=devCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet-dev-private-subnet-2 | subnet-09829e224cb656834 |
vpc-01cb89980745c1320 | 172.20.3.0/24 | eu-central-1b | 247 | No | Customer=spinbetEnvironment=devmap-migrated=migS0EK6JMBZC |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| spinbet_dev_sharky | i-05bb084bf3f31cf38 |
t3a.small | running | - | 172.20.1.91 | vpc-01cb89980745c1320 | sg-044f2ce5563dedb16 | ami-02003f9f0fde924ea | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=devmap-migrated=migS0EK6JMBZC |
| spinbet_dev_integration_graylog | i-0fd96277ebee5bc7c |
t3a.medium | running | 3.76.40.230 | 172.20.2.13 | vpc-01cb89980745c1320 | sg-044f2ce5563dedb16 | ami-02003f9f0fde924ea | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Environment=devCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet_dev_elk | i-02766378d2db8e0ad |
t3a.medium | running | 3.79.241.35 | 172.20.2.109 | vpc-01cb89980745c1320 | sg-044f2ce5563dedb16 | ami-02003f9f0fde924ea | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_dev_bastion_host | i-0f5856ca5f039be82 |
t3a.medium | running | 3.73.243.94 | 172.20.2.157 | vpc-01cb89980745c1320 | sg-0fd77a12e58741bc9 | ami-02003f9f0fde924ea | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_dev_graylog | i-00e9fa6ee955d17ee |
t3a.medium | running | 18.192.129.87 | 172.20.2.75 | vpc-01cb89980745c1320 | sg-044f2ce5563dedb16 | ami-02003f9f0fde924ea | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=devmap-migrated=migS0EK6JMBZC |
| ECS Instance - EC2ContainerService-spinbet-dev-ecs-cluster | i-01fe8dc3d038a8e08 |
m6a.2xlarge | running | - | 172.20.1.62 | vpc-01cb89980745c1320 | sg-044f2ce5563dedb16 | ami-0f4abab5b337727c6 | spinbet_dev_July2024 | SSM_EcsInstanceProfile | 1 | optional | aws:autoscaling:groupName=spinbet-dev-Asg-ecs-clusterEnvironment=devAmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:id=lt-0d0c057487efccab8aws:ec2launchtemplate:version=2Customer=spinbet |
| dev-frankfurt-frontend | i-03315567fca742a53 |
t4g.medium | running | 18.199.125.16 | 172.31.26.19 | vpc-0a503d906f2a277cf | sg-0510bedfd7de01b78 | ami-039a13962b09930f1 | spinbet_dev_July2024 | SSMInstanceProfile | 1 | required | Location=frankfurtApplication=frontendBrand=spinbetmap-migrated=migS0EK6JMBZCEnvironment=devManagedBy=terraform |
| dev-frankfurt-spinbet-chat-dev | i-02ab93483c8f175e4 |
t4g.medium | running | 3.74.70.114 | 172.31.12.138 | vpc-0a503d906f2a277cf | sg-0a3ae8ea8beefa038 | ami-0d2c380199f9897f1 | - | dev-frankfurt-spinbet-chat-dev-profile | 1 | optional | environment=devPurpose=SpinBet chat development environmentapp=chat-devbrand=spinbetmap-migrated=migS0EK6JMBZClocation=frankfurt |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet_dev_elk_volume | vol-0c6bf5964afb22472 |
30 | gp3 | in-use | No | 3000 | i-02766378d2db8e0ad | /dev/sda1 | eu-central-1a | Environment=devCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| dev-frankfurt-frontend-root | vol-02a0c192fc1388b22 |
30 | gp3 | in-use | Yes | 3000 | i-03315567fca742a53 | /dev/sda1 | eu-central-1a | ManagedBy=terraformApplication=frontendBrand=spinbetEnvironment=devLocation=frankfurt |
| spinbet_dev_graylog_volume | vol-0e20cb5165573eb7f |
50 | gp3 | in-use | No | 3000 | i-00e9fa6ee955d17ee | /dev/sda1 | eu-central-1a | Environment=devCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet_dev_bastion_host_volume | vol-0612571ef63d25a76 |
50 | gp3 | in-use | No | 3000 | i-0f5856ca5f039be82 | /dev/sda1 | eu-central-1a | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_dev_integration_graylog_volume | vol-0aaf1492463497ed3 |
20 | gp3 | in-use | No | 3000 | i-0fd96277ebee5bc7c | /dev/sda1 | eu-central-1a | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| - | vol-09a8cd430907294e6 |
30 | gp3 | in-use | Yes | 3000 | i-02ab93483c8f175e4 | /dev/sda1 | eu-central-1c | - |
| - | vol-0c1275dcc44e87b18 |
100 | gp3 | in-use | No | 3000 | i-01fe8dc3d038a8e08 | /dev/xvda | eu-central-1a | - |
| spinbet_dev_sharky_volume | vol-02f6041b89203610c |
15 | gp3 | in-use | No | 3000 | i-05bb084bf3f31cf38 | /dev/sda1 | eu-central-1a | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| spinbet-dev-ecs-cluster | ACTIVE | 0 | 0 | 9 | 1 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| spinbet-dev-websocket-services | ACTIVE | 0 | 0 | EC2 | spinbet-dev-websocket-task-definitions:1 | 1 target groups | |
| spinbet-dev-cronjob-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-cronjob-task-definitions:1 | 0 target groups | |
| spinbet-dev-bo-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-bo-task-definitions:1 | 1 target groups | |
| spinbet-dev-queue-worker-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-queue-worker-task-definitions:1 | 0 target groups | |
| spinbet-dev-cdn-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-cdn-cms-task-definitions:1 | 1 target groups | |
| spinbet-dev-fe-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-fe-task-definitions:1 | 1 target groups | |
| spinbet-dev-callback-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-callback-task-definitions:1 | 1 target groups | |
| spinbet-dev-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-cms-task-definitions:1 | 2 target groups | |
| spinbet-dev-api-service | ACTIVE | 0 | 0 | EC2 | spinbet-dev-api-task-definitions:1 | 1 target groups |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-dev-api-task-definitions | 1 | - | - | 4 | No | No | 4 | 0 | No logs |
| spinbet-dev-bo-task-definitions | 1 | - | - | 4 | No | No | 4 | 0 | No logs |
| spinbet-dev-callback-task-definitions | 1 | - | - | 4 | No | No | 4 | 0 | No logs |
| spinbet-dev-cdn-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-dev-cms-task-definitions | 1 | - | - | 2 | No | No | 0 | 0 | No logs |
| spinbet-dev-cronjob-task-definitions | 1 | - | - | 3 | No | No | 4 | 0 | No logs |
| spinbet-dev-fe-task-definitions | 1 | - | - | 2 | No | No | 0 | 0 | No logs |
| spinbet-dev-queue-worker-task-definitions | 1 | - | - | 3 | No | No | 4 | 0 | No logs |
| spinbet-dev-websocket-task-definitions | 1 | - | - | 3 | No | No | 0 | 0 | No logs, json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| spinbet-dev-api-task-definitions:1 | nginx-api | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/nginx-base:api-3.0 | No logs | None | - |
| spinbet-dev-api-task-definitions:1 | terragon-api | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-api:4d9762d-38-develop | No logs | None | - |
| spinbet-dev-api-task-definitions:1 | filebeat | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-api-task-definitions:1 | filebeat-integration | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-bo-task-definitions:1 | nginx-bo | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/nginx-base:bo-3.0 | No logs | None | - |
| spinbet-dev-bo-task-definitions:1 | terragon-bo | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-bo:4d9762d-38-develop | No logs | None | - |
| spinbet-dev-bo-task-definitions:1 | filebeat | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-bo-task-definitions:1 | filebeat-integration | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-callback-task-definitions:1 | nginx-callback | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/nginx-base:callback-3.0 | No logs | None | - |
| spinbet-dev-callback-task-definitions:1 | terragon-callback | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-callback:4d9762d-38-develop | No logs | None | - |
| spinbet-dev-callback-task-definitions:1 | filebeat | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-callback-task-definitions:1 | filebeat-integration | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-cdn-cms-task-definitions:1 | nginx-s3-gateway | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-nginx-base:s3-gateway-1.0 | No logs | None | - |
| spinbet-dev-cms-task-definitions:1 | nginx-cms | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/nginx-base:cms-3.0 | No logs | None | - |
| spinbet-dev-cms-task-definitions:1 | terragon-cms | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-cms:b0e8eb4-1-devops-test-deploy-dev-env | No logs | None | - |
| spinbet-dev-cronjob-task-definitions:1 | cronjob | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-cronjob:4d9762d-38-develop | No logs | None | - |
| spinbet-dev-cronjob-task-definitions:1 | filebeat | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-cronjob-task-definitions:1 | filebeat-integration | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-fe-task-definitions:1 | nginx-fe | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/nginx-base:fe-3.0 | No logs | None | - |
| spinbet-dev-fe-task-definitions:1 | app | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-fe:8c8ff7b-14-develop | No logs | None | - |
| spinbet-dev-queue-worker-task-definitions:1 | queue-worker | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-queue-worker:4d9762d-38-develop | No logs | None | - |
| spinbet-dev-queue-worker-task-definitions:1 | filebeat | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-queue-worker-task-definitions:1 | filebeat-integration | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/filebeat:3.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbet-dev-websocket-task-definitions:1 | nginx-websocket | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-nginx-base:3.0 | No logs | None | - |
| spinbet-dev-websocket-task-definitions:1 | app | 322107599348.dkr.ecr.eu-central-1.amazonaws.com/spinbet-dev-soketi:1.0-16-debian | json-file | None | - |
| spinbet-dev-websocket-task-definitions:1 | redis | redis:alpine | No logs | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet-dev-db-master | mysql 8.0.42 | db.t4g.large | available | 50 GiB | Yes | No | No | 7d | Yes | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbetName=spinbet-dev-database-master |
SQS Queues
Total Queues: 56
Without Encryption: 56
Without DLQ: 56
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_ref_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| accumulate_bonus_programs_referral_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| accumulate_bonus_programs_settle_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| accumulate_bonus_programs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| accumulate_bonus_programs_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| ad_checks_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| assign_new_game_to_bonus_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| assign_new_game_to_game_segment_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| audit_logs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| automatic_withdrawal_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| betting_limit_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| bonuses_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| broadcast_balance_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| broadcast_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| campaign_message_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| casino_bet_detail_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| challenges_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| compliance_actions_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| compliances_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| crm_high_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| crm_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| default_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| emails_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| export_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| game_log_locks_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| game_logs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| game_logs_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| import_batches_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| kyc_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| loyalty_programs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| payment_integration_logs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| player_activities_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| player_tips_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| player_transaction_summary_realtime_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| player_transactional_summary_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| player_vip_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| post_wagered_bonus_programs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| prune_open_bets_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| quests_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| rebate_programs_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| recent_games_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| recent_reward_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| referral_plans_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| risk_fraud_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| segments_computing_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| segments_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| segments_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| sms_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| sportbook_bet_detail_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| spotlight-search_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| sync_game_to_ec_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| telescope_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| tournaments_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| tournaments_spinbet_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| wagering_requirements_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| webhook_call_spinbet_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
Secrets Manager
Total Secrets: 2
Without Rotation: 2
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| spinbet-dev-rds-admin-password | - | secretsmanager |
Disabled | - | 2025-08-15 | - |
| spinbet-dev-redshift-admin-password | - | secretsmanager |
Disabled | - | 2025-08-15 | - |
AWS Amplify Apps
| App Name | App ID | Platform | Repository | Default Domain | Production Branch | Branches | Created | Tags |
|---|---|---|---|---|---|---|---|---|
| chat-back-office-web | dg2bo2r80n083 |
WEB | https://github.com/bwgservices/chat-back-office-web | dg2bo2r80n083.amplifyapp.com | main | 2 | 2025-11-04 | - |
Amplify Branches
| App Name | Branch Name | Stage | Framework | Auto Build | Basic Auth | Total Jobs |
|---|---|---|---|---|---|---|
| chat-back-office-web | development | DEVELOPMENT | React | Yes | No | 0 |
| chat-back-office-web | main | PRODUCTION | - | Yes | No | 0 |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 1
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/rds/instance/spinbet-dev-db-master/error |
Never Expire | 31.09 KB |
RDSOSMetrics |
30 | 61.85 MB |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-dev-ecs-alb | APPLICATION | internet-facing | active | spinbet-dev-ecs-alb-792695400.eu-central-1.elb.amazonaws.com | vpc-01cb89980745c1320 | 2 | HTTPS:443, HTTP:80 | 10 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
| spinbet-dev-ecs-internal-alb | APPLICATION | internal | active | internal-spinbet-dev-ecs-internal-alb-669454644.eu-central-1.elb.amazonaws.com | vpc-01cb89980745c1320 | 2 | HTTP:80, HTTPS:443 | 1 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=dev |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| spinbet-dev-ecs-alb | spinbet-dev-api-tg-441 | HTTPS | 441 | instance | HTTPS:/robots.txt |
| spinbet-dev-ecs-alb | spinbet-dev-bo-tg-440 | HTTPS | 440 | instance | HTTPS:/robots.txt |
| spinbet-dev-ecs-alb | spinbet-dev-callbk-tg-442 | HTTPS | 442 | instance | HTTPS:/robots.txt |
| spinbet-dev-ecs-alb | spinbet-dev-cdncms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| spinbet-dev-ecs-alb | spinbet-dev-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| spinbet-dev-ecs-alb | spinbet-dev-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-dev-ecs-alb | spinbet-dev-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| spinbet-dev-ecs-alb | spinbet-dev-graylg-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-dev-ecs-alb | spinbet-dev-intgrlg-tg443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-dev-ecs-alb | spinbet-dev-wbsket-tg6002 | HTTPS | 6002 | instance | HTTPS:/ |
| spinbet-dev-ecs-internal-alb | spinbet-dev-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-dev-allow-http-https | sg-0e8b1c34d84626987 |
vpc-01cb89980745c1320 | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbet |
| dev-frankfurt-frontend-sg | sg-0510bedfd7de01b78 |
vpc-0a503d906f2a277cf | EC2(1) | tcp:22, tcp:3000, tcp:443, tcp:80 | All | Yes | Application=frontendBrand=spinbetLocation=frankfurtEnvironment=dev |
| spinbet-dev-allow-ssh | sg-0fd77a12e58741bc9 |
vpc-01cb89980745c1320 | EC2(1) | tcp:22 | All | No | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbet |
| spinbet-dev-allow-local | sg-044f2ce5563dedb16 |
vpc-01cb89980745c1320 | APPLICATION(1), EC2(5) | All | All | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=dev |
| spinbet-dev-allow-local-port-3306 | sg-0ec5d6ae74adeca96 |
vpc-01cb89980745c1320 | RDS(1) | tcp:3306 | All | No | Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| dev-spinbet-chat-dev-20251028152432720300000001 | sg-0a3ae8ea8beefa038 |
vpc-0a503d906f2a277cf | EC2(1) | tcp:22, tcp:3030, tcp:3100, tcp:443, tcp:5432, tcp:80 | All | Yes | brand=spinbetmap-migrated=migS0EK6JMBZClocation=frankfurtenvironment=devapp=chat-dev |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
spinbet-dev-allow-http-https sg-0e8b1c34d84626987 |
Inbound | tcp | 80 | 0.0.0.0/0 |
spinbet-dev-allow-http-https sg-0e8b1c34d84626987 |
Inbound | tcp | 443 | 0.0.0.0/0 |
dev-frankfurt-frontend-sg sg-0510bedfd7de01b78 |
Inbound | tcp | 80 | 0.0.0.0/0 |
dev-frankfurt-frontend-sg sg-0510bedfd7de01b78 |
Inbound | tcp | 22 | 0.0.0.0/0 |
dev-frankfurt-frontend-sg sg-0510bedfd7de01b78 |
Inbound | tcp | 3000 | 0.0.0.0/0 |
dev-frankfurt-frontend-sg sg-0510bedfd7de01b78 |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbet-dev-allow-ssh sg-0fd77a12e58741bc9 |
Inbound | tcp | 22 | 18.134.162.129/32, 84.252.112.3/32, 119.93.179.143/32, 18.132.4.226/32, 14.161.16.211/32, 152.32.100.39/32 |
spinbet-dev-allow-local sg-044f2ce5563dedb16 |
Inbound | All | All | 172.20.3.0/24, 172.20.4.0/24, 172.20.1.0/24, 172.20.2.0/24 |
spinbet-dev-allow-local-port-3306 sg-0ec5d6ae74adeca96 |
Inbound | tcp | 3306 | 172.20.1.0/24, 172.20.3.0/24, 172.20.2.152/32 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 80 | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 5432 | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 22 | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 3030 | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 3100 | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbet-dev-allow-http-https sg-0e8b1c34d84626987 |
Outbound | All | All | 0.0.0.0/0 |
dev-frankfurt-frontend-sg sg-0510bedfd7de01b78 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-dev-allow-ssh sg-0fd77a12e58741bc9 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-dev-allow-local sg-044f2ce5563dedb16 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-dev-allow-local-port-3306 sg-0ec5d6ae74adeca96 |
Outbound | All | All | 0.0.0.0/0 |
dev-spinbet-chat-dev-20251028152432720300000001 sg-0a3ae8ea8beefa038 |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
4
Open Security Groups (0.0.0.0/0)
2
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
6
Unencrypted EBS Volumes
0
Unencrypted RDS
56
SQS Without Encryption
Logging & Monitoring (Section 5.3)
1
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
1
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
56
SQS Without DLQ
ECS Standards (Section 7)
20
Plaintext Env Vars
0
Privileged Containers