🔐 IAM (Global)
IAM Compliance Findings
7
Total IAM Users
7
Users Without MFA
0
Access Keys >90 Days Old
1
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| spinbet-chat-s3-user | No | AKIAWLHTV5QAXMC7X7NV | Active | 2025-11-04 |
| spinbet_prod_cms_nginx_s3_gateway | No | - | - | - |
| spinbet_prod_devops | No | AKIAWLHTV5QARAXHSGFM | Active | 2026-01-07 |
| spinbet_prod_ecs_deploy | No | - | - | - |
| spinbet_prod_grafana | No | - | - | - |
| spinbet_prod_s3upload | No | - | - | - |
| spinbet_prod_sqs | No | - | - | - |
Users with AdministratorAccess Policy
| User Name |
|---|
| spinbet_prod_devops |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-0c91570a53a367767 |
172.31.0.0/16 | available | default | aws:cloudformation:logical-id=VPCaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4baws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:436450225153:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b/b85bb1c0-2bd9-11f0-951f-0a0456e267a5 |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet1A | subnet-053135aba65064e5c |
vpc-0c91570a53a367767 | 172.31.64.0/20 | eu-west-2a | 4091 | No | Network=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:436450225153:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b/b85bb1c0-2bd9-11f0-951f-0a0456e267a5aws:cloudformation:logical-id=PrivateSubnet1Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b |
| aws-controltower-PrivateSubnet2A | subnet-06149e8a2ef4c0f59 |
vpc-0c91570a53a367767 | 172.31.32.0/20 | eu-west-2b | 4091 | No | Network=Privateaws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:436450225153:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b/b85bb1c0-2bd9-11f0-951f-0a0456e267a5aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b |
| aws-controltower-PrivateSubnet3A | subnet-0ae88a9f6830a862f |
vpc-0c91570a53a367767 | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:logical-id=PrivateSubnet3Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:436450225153:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b/b85bb1c0-2bd9-11f0-951f-0a0456e267a5Network=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:436450225153:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-11748b5f-bcea-4b56-8e10-7b6f2b6b099b/3e7b7020-2bd9-11f0-8545-0aeb5b8d3553aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-11748b5f-bcea-4b56-8e10-7b6f2b6b099b |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-94c7a6b9-0c84-4552-a7bc-8aa660ce3b4b-VPCFlowLogsLogGroup-ryuf4r4UbaQO |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-northeast-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| cloudnomads-cdk-builder | vpc-0d113ee0d5e28924a |
100.64.0.0/28 | available | default | aws:cloudformation:logical-id=CdkBuilderVpcaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:436450225153:stack/cloudnomads-cdk-builder/625ffec0-7751-11f0-addf-0ec92aaf2663 |
| spinbet-prod-vpc | vpc-0b9080babc38088d8 |
10.0.0.0/16 | available | default | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-prod-private-subnet-1 | subnet-09a54aa9c9e1a67aa |
vpc-0b9080babc38088d8 | 10.0.1.0/24 | ap-northeast-1a | 241 | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
| PubSub | subnet-077fef9e36cb97f2f |
vpc-0d113ee0d5e28924a | 100.64.0.0/28 | ap-northeast-1d | 10 | Yes | aws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:436450225153:stack/cloudnomads-cdk-builder/625ffec0-7751-11f0-addf-0ec92aaf2663aws:cloudformation:logical-id=PublicSubnet |
| spinbet-prod-private-subnet-2 | subnet-01c78fdc4f21474b5 |
vpc-0b9080babc38088d8 | 10.0.3.0/24 | ap-northeast-1c | 243 | No | Customer=spinbetEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbet-prod-public-subnet-2 | subnet-0672c0b8f01c71caa |
vpc-0b9080babc38088d8 | 10.0.4.0/24 | ap-northeast-1c | 247 | No | Environment=prodCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet-prod-public-subnet-1 | subnet-09fc35e5445f8d0c5 |
vpc-0b9080babc38088d8 | 10.0.2.0/24 | ap-northeast-1a | 240 | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| spinbet_prod_graylog | i-066089578da8cab18 |
t3a.medium | running | 3.112.238.6 | 10.0.2.194 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_prod_metabase | i-003ea23a8b09e666f |
t3a.medium | running | - | 10.0.1.144 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_prod_monitoring | i-0127e367ce9381b84 |
t3a.medium | running | - | 10.0.1.116 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet_prod_mongodb_cms | i-0e7a58808ce13feee |
t3a.medium | running | - | 10.0.1.106 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbet_prod_elk | i-03cd53ef122a8f97d |
t3a.large | running | 18.182.26.1 | 10.0.2.200 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbet_prod_bastion_host | i-0336baa39f4124e8b |
t2.micro | running | 52.192.216.93 | 10.0.2.69 | vpc-0b9080babc38088d8 | sg-0c5caaffccf69b9f5 | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet_prod_integration_graylog | i-0132243d18be2349d |
t3a.xlarge | running | 18.183.102.156 | 10.0.2.195 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-054400ced365b82a0 | spinbet_prod_Oct2024 | SSMInstanceProfile | 1 | required | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| ECS Instance - EC2ContainerService-spinbet-prod-fe-cms-cdn-websocket-ecs-cluster | i-0d88ccaf6b1cf0900 |
m6a.large | running | - | 10.0.3.186 | vpc-0b9080babc38088d8 | sg-046abb3a0f1bd517c | ami-0b3329471740c1bf4 | spinbet_prod_Oct2024 | SSM_EcsInstanceProfile | 1 | required | aws:autoscaling:groupName=spinbet-prod-Asg-fe-cms-cdn-websocket-ecs-clusteraws:ec2launchtemplate:version=1Environment=prodaws:ec2launchtemplate:id=lt-0a811fa8929e98159Customer=spinbetAmazonECSManaged=ECS Cluster managed by Amazon |
| cloudnomads-cdk-builder | i-0d30de0081c483ff8 |
t3a.large | stopped | - | 100.64.0.10 | vpc-0d113ee0d5e28924a | sg-0853aeb0a1601034d | ami-0b57edf0642186fff | - | cloudnomads-cdk-builder-CdkBuilderInstanceProfile-dBxot12nGROV | 1 | required | aws:cloudformation:logical-id=CdkBuilderEc2Instanceaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:436450225153:stack/cloudnomads-cdk-builder/625ffec0-7751-11f0-addf-0ec92aaf2663map-migrated=migS0EK6JMBZC |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet_prod_monitoring_volume | vol-042894d4c795f69a8 |
80 | gp3 | in-use | No | 3000 | i-0127e367ce9381b84 | /dev/sda1 | ap-northeast-1a | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet_prod_bastion_host_volume | vol-03cddbb188bc86b1e |
30 | gp3 | in-use | No | 3000 | i-0336baa39f4124e8b | /dev/sda1 | ap-northeast-1a | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbet_prod_graylog_volume | vol-05d14dfd8f2704704 |
2000 | gp3 | in-use | No | 3000 | i-066089578da8cab18 | /dev/sda1 | ap-northeast-1a | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbet_prod_elk_volume | vol-04d01c82f809ad0e6 |
50 | gp3 | in-use | No | 3000 | i-03cd53ef122a8f97d | /dev/sda1 | ap-northeast-1a | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet_prod_integration_graylog_volume | vol-0986b72074f77ee49 |
1500 | gp3 | in-use | No | 3000 | i-0132243d18be2349d | /dev/sda1 | ap-northeast-1a | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| - | vol-064e5edf2dabf330e |
50 | gp3 | in-use | No | 3000 | i-0d30de0081c483ff8 | /dev/sda1 | ap-northeast-1d | - |
| - | vol-0009df6f2fc67aab1 |
100 | gp3 | in-use | No | 3000 | i-0d88ccaf6b1cf0900 | /dev/xvda | ap-northeast-1c | - |
| spinbet_prod_mongodb_cms_volume | vol-006acf68831b27de8 |
50 | gp3 | in-use | No | 3000 | i-0e7a58808ce13feee | /dev/sda1 | ap-northeast-1a | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbet_prod_metabase_volume | vol-085942e8d165444aa |
50 | gp3 | in-use | No | 3000 | i-003ea23a8b09e666f | /dev/sda1 | ap-northeast-1a | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| spinbet-prod-chat-cluster | ACTIVE | 2 | 0 | 2 | 0 |
| spinbet-prod-callback-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-prod-api-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-prod-fe-cms-cdn-websocket-ecs-cluster | ACTIVE | 0 | 0 | 4 | 1 |
| spinbet-prod-cronjob-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-prod-queue-worker-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-prod-bo-agent-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| spinbet-prod-queue-worker-service | ACTIVE | 0 | 0 | FARGATE | spinbet-prod-queue-worker-task-definitions:1 | 0 target groups | sg-046abb3a0f1bd517c |
| spinbet-prod-bo-service | ACTIVE | 0 | 0 | EC2 | spinbet-prod-bo-task-definitions:1 | 1 target groups | |
| spinbet-prod-callback-service | ACTIVE | 0 | 0 | FARGATE | spinbet-prod-callback-task-definitions:1 | 1 target groups | sg-046abb3a0f1bd517c |
| spinbet-prod-chat-backend-svc | ACTIVE | 1 | 1 | FARGATE | spinbet-prod-chat-backend-td:12 | 1 target groups | sg-0c4cb9224a96cb7f2 |
| spinbet-prod-chat-redis-svc | ACTIVE | 1 | 1 | FARGATE | spinbet-prod-chat-redis-td:2 | 0 target groups | sg-0c4cb9224a96cb7f2 |
| spinbet-prod-api-service | ACTIVE | 0 | 0 | FARGATE | spinbet-prod-api-task-definitions:1 | 1 target groups | sg-046abb3a0f1bd517c |
| spinbet-prod-fe-service | ACTIVE | 0 | 0 | EC2 | spinbet-prod-fe-task-definitions:1 | 1 target groups | |
| spinbet-prod-cdn-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-prod-cdn-cms-task-definitions:1 | 1 target groups | |
| spinbet-prod-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-prod-cms-task-definitions:1 | 2 target groups | |
| spinbet-prod-websocket-services | ACTIVE | 0 | 0 | EC2 | spinbet-prod-websocket-task-definitions:1 | 1 target groups | |
| spinbet-prod-cronjob-service | ACTIVE | 0 | 0 | EC2 | spinbet-prod-cronjob-task-definitions:1 | 0 target groups |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-prod-api-task-definitions | 1 | 512 | 1024 | 1 | Yes | No | 0 | 0 | awslogs:/ecs/spinbet-prod-api |
| spinbet-prod-bo-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-prod-callback-task-definitions | 1 | 512 | 1024 | 1 | Yes | No | 0 | 0 | awslogs:/ecs/spinbet-prod-callback |
| spinbet-prod-cdn-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | json-file |
| spinbet-prod-chat-backend-td | 12 | 4096 | 8192 | 1 <small class="text-muted">(+router)</small> | No | No | 6 | 4 | grafana-loki |
| spinbet-prod-chat-redis-td | 2 | 512 | 1024 | 1 | No | No | 0 | 0 | awslogs:/ecs/spinbet-prod-chat-redis |
| spinbet-prod-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-prod-cronjob-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-prod-fe-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-prod-queue-worker-task-definitions | 1 | 512 | 1024 | 1 | Yes | No | 0 | 0 | No logs |
| spinbet-prod-websocket-task-definitions | 1 | - | - | 2 | No | No | 0 | 0 | json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| spinbet-prod-api-task-definitions:1 | nginx | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/nginx-base:api-3.0 | awslogs:/ecs/spinbet-prod-api | None | - |
| spinbet-prod-bo-task-definitions:1 | nginx-bo | 436450225153.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:bo-3.0 | No logs | None | - |
| spinbet-prod-callback-task-definitions:1 | nginx | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/nginx-base:callback-2.0 | awslogs:/ecs/spinbet-prod-callback | None | - |
| spinbet-prod-cdn-cms-task-definitions:1 | nginx-s3-gateway | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-prod-nginx-base:s3-gateway-1.0 | json-file | None | - |
| spinbet-prod-chat-backend-td:12 | spinbet-prod-chat-backend | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-chat-backend:823e77c41c496e7cad107e3e7f921d4376ca0c31 | grafana-loki | BRAND_IDHOSTREDIS_HOSTNODE_ENVAWS_S3_BUCKET_NAMEPORT | FEATHERS_SECRETPOSTGRESQL_CONNECTIONAWS_ACCESS_KEY_IDAWS_SECRET_ACCESS_KEY |
| spinbet-prod-chat-redis-td:2 | redis | redis:latest | awslogs:/ecs/spinbet-prod-chat-redi... | None | - |
| spinbet-prod-cms-task-definitions:1 | nginx-cms | 436450225153.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:cms-3.0 | No logs | None | - |
| spinbet-prod-cronjob-task-definitions:1 | cronjob | 436450225153.dkr.ecr.ap-southeast-1.amazonaws.com/spinbit-prod-cronjob:4d9762d-38-develop | No logs | None | - |
| spinbet-prod-fe-task-definitions:1 | nginx-fe | 436450225153.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:fe-3.0 | No logs | None | - |
| spinbet-prod-queue-worker-task-definitions:1 | queue-worker | 436450225153.dkr.ecr.ap-southeast-1.amazonaws.com/spinbit-prod-queue-worker:4d9762d-38-develop | No logs | None | - |
| spinbet-prod-websocket-task-definitions:1 | nginx-websocket | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-prod-nginx-base:3.0 | json-file | None | - |
| spinbet-prod-websocket-task-definitions:1 | app | 436450225153.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-prod-soketi:1.0-16-debian | json-file | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet-prod-chat-postgres | postgres 17.6 | db.t4g.micro | available | 20 GiB | Yes | No | No | 7d | No | Brand=spinbetmap-migrated=migS0EK6JMBZCEnvironment=productionService=chatName=spinbet-prod-chat-postgres |
| spinbet-prod-db-master | mysql 8.0.39 | db.t4g.medium | available | 500 GiB | Yes | Yes | No | 7d | Yes | map-migrated=migS0EK6JMBZCEnvironment=prodCustomer=spinbetName=spinbet-prod-database-master |
| spinbet-prod-db-replication | mysql 8.0.39 | db.t4g.medium | available | 500 GiB | Yes | No | No | 7d | Yes | map-migrated=migS0EK6JMBZCEnvironment=prodCustomer=spinbetName=spinbet-prod-database-replication |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-quicksetup-lifecycle-LA-dbfzk | python3.11 | 128 MB | 900s | No VPC | 2025-08-12 | QuickSetupDefinitionID=dbfzkQuickSetupDocument=AWSQuickSetupType-SSMQuickSetupDocumentVersionName=2.0QuickSetupManagerAccount=436450225153QuickSetupManagerArn=arn:aws:ssm-quicksetup:ap-northeast-1:436450225153:configuration-manager/37e98f14-a99c-435f-985a-c892189d5351QuickSetupManagerID=37e98f14-a99c-435f-985a-c892189d5351QuickSetupManagerRegion=ap-northeast-1aws:cloudformation:logical-id=SSMLifecycleOperatorLambdaaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:436450225153:stack/StackSet-AWS-QuickSetup-SSM-LA-dbfzk-fd5cadc3-29c2-475e-98f3-4d2eac1642a8/1927fcc0-7752-11f0-b354-0e0431694d6faws:cloudformation:stack-name=StackSet-AWS-QuickSetup-SSM-LA-dbfzk-fd5cadc3-29c2-475e-98f3-4d2eac1642a8 |
| sendBonusEligibility-spinbet | python3.10 | 512 MB | 30s | No VPC | 2026-01-06 | Brand=spinbetEnvironment=prodManagedBy=TerraformProject=BonusBot |
| getBonusEligibilityResults-spinbet | python3.10 | 256 MB | 10s | No VPC | 2026-01-14 | Brand=spinbetEnvironment=prodManagedBy=TerraformProject=BonusBot |
SQS Queues
Total Queues: 56
Without Encryption: 56
Without DLQ: 56
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_ref_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| accumulate_bonus_programs_referral_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| accumulate_bonus_programs_settle_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| accumulate_bonus_programs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| accumulate_bonus_programs_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| ad_checks_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| assign_new_game_to_bonus_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| assign_new_game_to_game_segment_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| audit_logs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| automatic_withdrawal_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| betting_limit_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| bonuses_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| broadcast_balance_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| broadcast_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| campaign_message_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| casino_bet_detail_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| challenges_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| compliance_actions_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| compliances_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| crm_high_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| crm_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| default_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| emails_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| export_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| game_log_locks_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| game_logs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| game_logs_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| import_batches_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| kyc_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| loyalty_programs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| payment_integration_logs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| player_activities_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| player_tips_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| player_transaction_summary_realtime_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| player_transactional_summary_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| player_vip_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| post_wagered_bonus_programs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| prune_open_bets_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| quests_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| rebate_programs_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| recent_games_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| recent_reward_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| referral_plans_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| risk_fraud_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| segments_computing_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| segments_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| segments_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| sms_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| sportbook_bet_detail_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spotlight-search_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| sync_game_to_ec_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| telescope_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| tournaments_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| tournaments_spinbet_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| wagering_requirements_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| webhook_call_spinbet_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
Secrets Manager
Total Secrets: 2
Without Rotation: 2
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| spinbet-prod-rds-admin-password | - | secretsmanager |
Disabled | - | 2025-08-15 | - |
| spinbet-prod-redshift-admin-password | - | secretsmanager |
Disabled | - | 2025-08-15 | - |
CloudWatch Log Groups
Total Log Groups: 11
Without Retention Policy: 5
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/getBonusEligibilityResults-spinbet |
30 | 7.38 MB |
/aws/lambda/sendBonusEligibility-spinbet |
30 | 31.91 MB |
/aws/rds/instance/spinbet-prod-db-master/error |
Never Expire | 13.87 KB |
/aws/rds/instance/spinbet-prod-db-replication/error |
Never Expire | 29.12 KB |
/ecs/spinbet-prod-api |
365 | 0 B |
/ecs/spinbet-prod-callback |
365 | 0 B |
/ecs/spinbet-prod-chat-backend |
Never Expire | 531.75 MB |
/ecs/spinbet-prod-chat-redis |
Never Expire | 14 KB |
RDSOSMetrics |
30 | 178 MB |
firelens-container |
Never Expire | 3.35 MB |
spinbet-prod-backend-redis-slowlog |
365 | 0 B |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-prod-other-ecs-alb | APPLICATION | internet-facing | active | spinbet-prod-other-ecs-alb-1122507289.ap-northeast-1.elb.amazonaws.com | vpc-0b9080babc38088d8 | 2 | HTTPS:443, HTTP:80 | 9 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet-prod-api-callbck-ecs-alb | APPLICATION | internet-facing | active | spinbet-prod-api-callbck-ecs-alb-774414242.ap-northeast-1.elb.amazonaws.com | vpc-0b9080babc38088d8 | 2 | HTTP:80, HTTPS:443 | 3 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet-prod-ecs-internal-alb | APPLICATION | internal | active | internal-spinbet-prod-ecs-internal-alb-622826575.ap-northeast-1.elb.amazonaws.com | vpc-0b9080babc38088d8 | 2 | HTTPS:443, HTTP:80 | 1 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet-prod-chat-alb | APPLICATION | internet-facing | active | spinbet-prod-chat-alb-768072683.ap-northeast-1.elb.amazonaws.com | vpc-0b9080babc38088d8 | 2 | HTTP:80, HTTPS:443 | 1 | Brand=spinbetmap-migrated=migS0EK6JMBZCEnvironment=productionService=chat |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| spinbet-prod-other-ecs-alb | spinbet-prod-bo-tg-443 | HTTPS | 443 | instance | HTTPS:/player/api/v1/ping |
| spinbet-prod-other-ecs-alb | spinbet-prod-cdn-cms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| spinbet-prod-other-ecs-alb | spinbet-prod-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-prod-other-ecs-alb | spinbet-prod-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| spinbet-prod-other-ecs-alb | spinbet-prod-graylog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-prod-other-ecs-alb | spinbet-prod-intglog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-prod-other-ecs-alb | spinbet-prod-metbase-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-prod-other-ecs-alb | spinbet-prod-mon-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-prod-other-ecs-alb | spinbet-prod-ws-tg-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| spinbet-prod-api-callbck-ecs-alb | spinbet-prod-api-tg-443 | HTTPS | 443 | ip | HTTPS:/robots.txt |
| spinbet-prod-api-callbck-ecs-alb | spinbet-prod-callbck-tg-443 | HTTPS | 443 | ip | HTTPS:/player/api/v1/ping |
| spinbet-prod-api-callbck-ecs-alb | spinbet-prod-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| spinbet-prod-ecs-internal-alb | spinbet-prod-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
| spinbet-prod-chat-alb | spinbet-prod-chat-tg | HTTP | 3030 | ip | HTTP:/health |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-prod-allow-http-https | sg-025bf49e74b139852 |
vpc-0b9080babc38088d8 | APPLICATION(2) | tcp:443, tcp:80 | All | Yes | Customer=spinbetEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbet-prod-allow-local | sg-046abb3a0f1bd517c |
vpc-0b9080babc38088d8 | APPLICATION(1), EC2(7), ECS(3) | All, tcp:0-65535, tcp:5439 | All | No | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=prod |
| spinbet-prod-allow-ssh | sg-0c5caaffccf69b9f5 |
vpc-0b9080babc38088d8 | EC2(1) | tcp:22 | All | No | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| spinbet-prod-chat-sg | sg-0c4cb9224a96cb7f2 |
vpc-0b9080babc38088d8 | APPLICATION(1), ECS(2), RDS(1) | All, tcp:22, tcp:5432 | All | Yes | - |
| cloudnomads-cdk-builder | sg-0853aeb0a1601034d |
vpc-0d113ee0d5e28924a | EC2(1) | tcp:3389 | All | No | aws:cloudformation:logical-id=CdkBuilderSgaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:436450225153:stack/cloudnomads-cdk-builder/625ffec0-7751-11f0-addf-0ec92aaf2663 |
| spinbet-prod-allow-local-port-3306 | sg-02b925ebed7ad6409 |
vpc-0b9080babc38088d8 | RDS(2) | tcp:0-65535, tcp:3306 | All | No | Customer=spinbetEnvironment=prodmap-migrated=migS0EK6JMBZC |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
spinbet-prod-allow-http-https sg-025bf49e74b139852 |
Inbound | tcp | 80 | 0.0.0.0/0 |
spinbet-prod-allow-http-https sg-025bf49e74b139852 |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbet-prod-allow-local sg-046abb3a0f1bd517c |
Inbound | tcp | 5439 | 11.0.0.0/16 |
spinbet-prod-allow-local sg-046abb3a0f1bd517c |
Inbound | tcp | 0-65535 | sg: sg-046abb3a0f1bd517c |
spinbet-prod-allow-local sg-046abb3a0f1bd517c |
Inbound | All | All | 10.0.3.0/24, 10.0.4.0/24, 10.0.2.0/24, 10.0.1.0/24 |
spinbet-prod-allow-ssh sg-0c5caaffccf69b9f5 |
Inbound | tcp | 22 | 119.93.179.143/32, 14.161.16.211/32, 115.79.29.29/32, 115.78.100.17/32 |
spinbet-prod-chat-sg sg-0c4cb9224a96cb7f2 |
Inbound | tcp | 5432 | sg: sg-0c4cb9224a96cb7f2 |
spinbet-prod-chat-sg sg-0c4cb9224a96cb7f2 |
Inbound | All | All | 0.0.0.0/0 |
spinbet-prod-chat-sg sg-0c4cb9224a96cb7f2 |
Inbound | tcp | 22 | 0.0.0.0/0 |
cloudnomads-cdk-builder sg-0853aeb0a1601034d |
Inbound | tcp | 3389 | 84.254.23.220/32 |
spinbet-prod-allow-local-port-3306 sg-02b925ebed7ad6409 |
Inbound | tcp | 0-65535 | sg: sg-02b925ebed7ad6409 |
spinbet-prod-allow-local-port-3306 sg-02b925ebed7ad6409 |
Inbound | tcp | 3306 | 10.0.3.0/24, 10.0.1.0/24, 11.0.0.0/16, 10.0.2.7/32 |
spinbet-prod-allow-http-https sg-025bf49e74b139852 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-prod-allow-local sg-046abb3a0f1bd517c |
Outbound | All | All | 0.0.0.0/0 |
spinbet-prod-allow-ssh sg-0c5caaffccf69b9f5 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-prod-chat-sg sg-0c4cb9224a96cb7f2 |
Outbound | All | All | 0.0.0.0/0 |
cloudnomads-cdk-builder sg-0853aeb0a1601034d |
Outbound | All | All | 0.0.0.0/0 |
spinbet-prod-allow-local-port-3306 sg-02b925ebed7ad6409 |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
2
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
9
Unencrypted EBS Volumes
0
Unencrypted RDS
56
SQS Without Encryption
Logging & Monitoring (Section 5.3)
5
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
2
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
3
Lambda Without DLQ
SQS Standards (Section 7)
56
SQS Without DLQ
ECS Standards (Section 7)
6
Plaintext Env Vars
0
Privileged Containers