🔐 IAM (Global)
IAM Compliance Findings
5
Total IAM Users
5
Users Without MFA
0
Access Keys >90 Days Old
1
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| spinbet_staging_cms_nginx_s3_gateway | No | - | - | - |
| spinbet_staging_devops | No | AKIAQGFQTKS74C2FNJ5X | Active | 2026-01-12 |
| spinbet_staging_ecs_deploy | No | - | - | - |
| spinbet_staging_s3upload | No | - | - | - |
| spinbet_staging_sqs | No | - | - | - |
Users with AdministratorAccess Policy
| User Name |
|---|
| spinbet_staging_devops |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| cloudnomads-cdk-builder | vpc-0b52fb36a5a356799 |
100.64.0.0/28 | available | default | aws:cloudformation:logical-id=CdkBuilderVpcaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/cloudnomads-cdk-builder/1cb93720-712e-11f0-b8b2-0af8bc18aad3aws:cloudformation:stack-name=cloudnomads-cdk-builder |
| aws-controltower-VPC | vpc-0513b9e65deef233f |
172.31.0.0/16 | available | default | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786/67dd56c0-2bd6-11f0-80c5-0af3b2213075aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786aws:cloudformation:logical-id=VPC |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet2A | subnet-03a8b057c2bb15303 |
vpc-0513b9e65deef233f | 172.31.32.0/20 | eu-west-2b | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786/67dd56c0-2bd6-11f0-80c5-0af3b2213075aws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786Network=Private |
| aws-controltower-PrivateSubnet3A | subnet-0e923566b455f4144 |
vpc-0513b9e65deef233f | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786/67dd56c0-2bd6-11f0-80c5-0af3b2213075aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786Network=Privateaws:cloudformation:logical-id=PrivateSubnet3A |
| aws-controltower-PrivateSubnet1A | subnet-039397f903ee27a07 |
vpc-0513b9e65deef233f | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786/67dd56c0-2bd6-11f0-80c5-0af3b2213075aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786aws:cloudformation:logical-id=PrivateSubnet1ANetwork=Private |
| PubSub | subnet-0b30b32effaf778d0 |
vpc-0b52fb36a5a356799 | 100.64.0.0/28 | eu-west-2c | 8 | Yes | aws:cloudformation:logical-id=PublicSubnetaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/cloudnomads-cdk-builder/1cb93720-712e-11f0-b8b2-0af8bc18aad3 |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-quicksetup-lifecycle-LA-jtaht | python3.11 | 128 MB | 900s | No VPC | 2025-08-04 | QuickSetupDefinitionID=jtahtQuickSetupDocument=AWSQuickSetupType-SSMQuickSetupDocumentVersionName=2.0QuickSetupManagerAccount=013255267519QuickSetupManagerArn=arn:aws:ssm-quicksetup:eu-west-2:013255267519:configuration-manager/21509938-c442-4ccc-97ab-3a7b87860b23QuickSetupManagerID=21509938-c442-4ccc-97ab-3a7b87860b23QuickSetupManagerRegion=eu-west-2aws:cloudformation:logical-id=SSMLifecycleOperatorLambdaaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWS-QuickSetup-SSM-LA-jtaht-ef52203a-06c5-44df-b743-f467501d00c2/231adcd0-712f-11f0-8abf-0ac9e567e65faws:cloudformation:stack-name=StackSet-AWS-QuickSetup-SSM-LA-jtaht-ef52203a-06c5-44df-b743-f467501d00c2 |
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:013255267519:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-0a01f063-c93e-4b79-93b7-be82ec277bf1/ed60d520-2bd5-11f0-8e94-062f260ee2d3aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-0a01f063-c93e-4b79-93b7-be82ec277bf1 |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f2be560e-aa73-408d-be53-5fc816c2e786-VPCFlowLogsLogGroup-3MsDS6Z7Qv2v |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
2
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-northeast-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| spinbet-staging-vpc | vpc-0e65726e2e520507e |
10.0.0.0/16 | available | default | Environment=stagingCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| cloudnomads-cdk-builder | vpc-011d8d8b8e2bdefab |
100.64.0.0/28 | available | default | aws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:013255267519:stack/cloudnomads-cdk-builder/337be920-71c5-11f0-8a48-0a8944a8fdc5aws:cloudformation:logical-id=CdkBuilderVpc |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-staging-public-subnet-1 | subnet-071fc054089aa7349 |
vpc-0e65726e2e520507e | 10.0.2.0/24 | ap-northeast-1a | 241 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbet |
| spinbet-staging-private-subnet-1 | subnet-04a58836038ae11a5 |
vpc-0e65726e2e520507e | 10.0.1.0/24 | ap-northeast-1a | 243 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbet |
| PubSub | subnet-08aac4b3acd9784f8 |
vpc-011d8d8b8e2bdefab | 100.64.0.0/28 | ap-northeast-1a | 10 | Yes | aws:cloudformation:logical-id=PublicSubnetaws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:013255267519:stack/cloudnomads-cdk-builder/337be920-71c5-11f0-8a48-0a8944a8fdc5 |
| spinbet-staging-public-subnet-2 | subnet-0c44457ba165f2257 |
vpc-0e65726e2e520507e | 10.0.4.0/24 | ap-northeast-1c | 248 | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
| spinbet-staging-private-subnet-2 | subnet-0a0d7492c8f5ca30d |
vpc-0e65726e2e520507e | 10.0.3.0/24 | ap-northeast-1c | 245 | No | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbet |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| cloudnomads-cdk-builder | i-03060b4920af35a83 |
t3a.medium | stopped | - | 100.64.0.13 | vpc-011d8d8b8e2bdefab | sg-05a017e31275ee62e | ami-0359f857ffbb5de44 | - | cloudnomads-cdk-builder-CdkBuilderInstanceProfile-cchzikROX4fP | 1 | required | aws:cloudformation:logical-id=CdkBuilderEc2Instanceaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:013255267519:stack/cloudnomads-cdk-builder/337be920-71c5-11f0-8a48-0a8944a8fdc5aws:cloudformation:stack-name=cloudnomads-cdk-builder |
| spinbet_staging_bastion_host | i-05f1536dd1852e240 |
t3a.medium | running | 3.114.108.187 | 10.0.2.98 | vpc-0e65726e2e520507e | sg-0ff4bc64dd6b28c7b | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
| spinbet_staging_monitoring | i-008ce6572b6d0b2ae |
t3a.medium | running | - | 10.0.1.141 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| spinbet_staging_mongodb_cms | i-0f896e595235a0569 |
t3a.medium | running | - | 10.0.1.174 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| ECS Instance - EC2ContainerService-spinbet-staging-fe-cms-cdn-websocket-ecs-cluster | i-0f8bf1526c1fec264 |
t3a.medium | running | - | 10.0.1.242 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-0b3329471740c1bf4 | spinbet_staging_Mar2025 | SSM_EcsInstanceProfile | 1 | required | Customer=spinbetEnvironment=stagingAmazonECSManaged=ECS Cluster managed by Amazonaws:autoscaling:groupName=spinbet-staging-Asg-fe-cms-cdn-websocket-ecs-clusteraws:ec2launchtemplate:id=lt-0b1d88f34ed0f68fbaws:ec2launchtemplate:version=1 |
| spinbet_staging_metabase | i-033a2d83b3273f831 |
t3a.medium | running | - | 10.0.1.253 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbet |
| spinbet_staging_elk | i-0aae820a33f54680a |
t3a.large | running | 54.199.173.252 | 10.0.2.197 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| spinbet_staging_graylog | i-012945a996d75d5b3 |
t3a.large | running | 13.231.224.75 | 10.0.2.251 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
| spinbet_staging_integration_graylog | i-076500a113c98a953 |
t3a.large | running | 18.181.152.74 | 10.0.2.21 | vpc-0e65726e2e520507e | sg-048359435fb5e0911 | ami-054400ced365b82a0 | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Customer=spinbetEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| staging-tokyo-frontend | i-0c134eee36c625b04 |
t4g.medium | running | 35.78.40.213 | 172.31.39.28 | vpc-0837e2a089f5a1ea2 | sg-0227c2e09e9792cad | ami-05e2ae907de70068a | spinbet_staging_Mar2025 | SSMInstanceProfile | 1 | required | Location=tokyoApplication=frontendBrand=spinbetManagedBy=terraformmap-migrated=migS0EK6JMBZCEnvironment=staging |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet_staging_metabase_volume | vol-0c530ea876a5ea059 |
50 | gp3 | in-use | No | 3000 | i-033a2d83b3273f831 | /dev/sda1 | ap-northeast-1a | Customer=spinbetEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| spinbet_staging_bastion_host_volume | vol-06a064aa4ec21323c |
50 | gp3 | in-use | No | 3000 | i-05f1536dd1852e240 | /dev/sda1 | ap-northeast-1a | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| spinbet_staging_graylog_volume | vol-0728b9f339a7cce18 |
1000 | gp3 | in-use | No | 3000 | i-012945a996d75d5b3 | /dev/sda1 | ap-northeast-1a | Customer=spinbetEnvironment=stagingmap-migrated=migS0EK6JMBZC |
| - | vol-0c1af91cb57317c6e |
100 | gp3 | in-use | No | 3000 | i-0f8bf1526c1fec264 | /dev/xvda | ap-northeast-1a | - |
| staging-tokyo-frontend-root | vol-09ce7ef7b4578c7f1 |
30 | gp3 | in-use | Yes | 3000 | i-0c134eee36c625b04 | /dev/sda1 | ap-northeast-1a | ManagedBy=terraformEnvironment=stagingLocation=tokyoApplication=frontendBrand=spinbet |
| spinbet_staging_monitoring_volume | vol-0590e98045a3df60a |
80 | gp3 | in-use | No | 3000 | i-008ce6572b6d0b2ae | /dev/sda1 | ap-northeast-1a | Environment=stagingCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet_staging_mongodb_cms_volume | vol-0278ae34f0e34ad44 |
50 | gp3 | in-use | No | 3000 | i-0f896e595235a0569 | /dev/sda1 | ap-northeast-1a | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
| spinbet_staging_elk_volume | vol-097ce2257e11eb7ef |
50 | gp3 | in-use | No | 3000 | i-0aae820a33f54680a | /dev/sda1 | ap-northeast-1a | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| - | vol-0d80be3bdeccaae14 |
50 | gp3 | in-use | No | 3000 | i-03060b4920af35a83 | /dev/sda1 | ap-northeast-1a | - |
| spinbet_staging_integration_graylog_volume | vol-0e48d4ad3a8a55c59 |
200 | gp3 | in-use | No | 3000 | i-076500a113c98a953 | /dev/sda1 | ap-northeast-1a | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| spinbet-staging-fe-cms-cdn-websocket-ecs-cluster | ACTIVE | 0 | 0 | 4 | 1 |
| spinbet-staging-cronjob-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-staging-callback-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-staging-bo-agent-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-staging-queue-worker-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
| spinbet-staging-api-fargate-ecs-cluster | ACTIVE | 0 | 0 | 1 | 0 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| spinbet-staging-api-service | ACTIVE | 0 | 0 | FARGATE | spinbet-staging-api-task-definitions:1 | 1 target groups | sg-048359435fb5e0911 |
| spinbet-staging-queue-worker-service | ACTIVE | 0 | 0 | FARGATE | spinbet-staging-queue-worker-task-definitions:1 | 0 target groups | sg-048359435fb5e0911 |
| spinbet-staging-cronjob-service | ACTIVE | 0 | 0 | EC2 | spinbet-staging-cronjob-task-definitions:1 | 0 target groups | |
| spinbet-staging-cdn-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-staging-cdn-cms-task-definitions:1 | 1 target groups | |
| spinbet-staging-cms-service | ACTIVE | 0 | 0 | EC2 | spinbet-staging-cms-task-definitions:1 | 2 target groups | |
| spinbet-staging-websocket-services | ACTIVE | 0 | 0 | EC2 | spinbet-staging-websocket-task-definitions:1 | 1 target groups | |
| spinbet-staging-fe-service | ACTIVE | 0 | 0 | EC2 | spinbet-staging-fe-task-definitions:1 | 1 target groups | |
| spinbet-staging-callback-service | ACTIVE | 0 | 0 | FARGATE | spinbet-staging-callback-task-definitions:1 | 1 target groups | sg-048359435fb5e0911 |
| spinbet-staging-bo-service | ACTIVE | 0 | 0 | EC2 | spinbet-staging-bo-task-definitions:1 | 1 target groups |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-staging-api-task-definitions | 1 | 512 | 2048 | 1 | Yes | No | 0 | 0 | awslogs:/ecs/spinbet-staging-api |
| spinbet-staging-bo-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-staging-callback-task-definitions | 1 | 512 | 2048 | 1 | Yes | No | 0 | 0 | awslogs:/ecs/spinbet-staging-callback |
| spinbet-staging-cdn-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | json-file |
| spinbet-staging-cms-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-staging-cronjob-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-staging-fe-task-definitions | 1 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbet-staging-queue-worker-task-definitions | 1 | 512 | 2048 | 1 | Yes | No | 0 | 0 | No logs |
| spinbet-staging-websocket-task-definitions | 1 | - | - | 2 | No | No | 0 | 0 | json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| spinbet-staging-api-task-definitions:1 | nginx | 268793312478.dkr.ecr.ap-northeast-1.amazonaws.com/nginx-base:api-3.0 | awslogs:/ecs/spinbet-staging-api | None | - |
| spinbet-staging-bo-task-definitions:1 | nginx-bo | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:bo-3.0 | No logs | None | - |
| spinbet-staging-callback-task-definitions:1 | nginx | 268793312478.dkr.ecr.ap-northeast-1.amazonaws.com/nginx-base:callback-2.0 | awslogs:/ecs/spinbet-staging-callba... | None | - |
| spinbet-staging-cdn-cms-task-definitions:1 | nginx-s3-gateway | 268793312478.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-staging-nginx-base:s3-gateway-1.0 | json-file | None | - |
| spinbet-staging-cms-task-definitions:1 | nginx-cms | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:cms-3.0 | No logs | None | - |
| spinbet-staging-cronjob-task-definitions:1 | cronjob | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/spinbit-staging-cronjob:4d9762d-38-develop | No logs | None | - |
| spinbet-staging-fe-task-definitions:1 | nginx-fe | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/nginx-base:fe-3.0 | No logs | None | - |
| spinbet-staging-queue-worker-task-definitions:1 | queue-worker | 268793312478.dkr.ecr.ap-southeast-1.amazonaws.com/spinbit-staging-queue-worker:4d9762d-38-develop | No logs | None | - |
| spinbet-staging-websocket-task-definitions:1 | nginx-websocket | 268793312478.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-staging-nginx-base:3.0 | json-file | None | - |
| spinbet-staging-websocket-task-definitions:1 | app | 268793312478.dkr.ecr.ap-northeast-1.amazonaws.com/spinbet-staging-soketi:1.0-16-debian | json-file | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbet-staging-db-master | mysql 8.0.39 | db.t4g.medium | available | 500 GiB | Yes | Yes | No | 7d | Yes | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbetName=spinbet-staging-database-master |
SQS Queues
Total Queues: 56
Without Encryption: 56
Without DLQ: 56
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_ref_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| accumulate_bonus_programs_referral_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| accumulate_bonus_programs_settle_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| accumulate_bonus_programs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| accumulate_bonus_programs_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| ad_checks_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| assign_new_game_to_bonus_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| assign_new_game_to_game_segment_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| audit_logs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| automatic_withdrawal_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| betting_limit_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| bonuses_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| broadcast_balance_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| broadcast_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| campaign_message_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| casino_bet_detail_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| challenges_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| compliance_actions_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| compliances_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| crm_high_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| crm_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| default_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| emails_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| export_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| game_log_locks_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| game_logs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| game_logs_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| import_batches_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| kyc_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| loyalty_programs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| payment_integration_logs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| player_activities_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| player_tips_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| player_transaction_summary_realtime_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| player_transactional_summary_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| player_vip_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| post_wagered_bonus_programs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| prune_open_bets_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| quests_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| rebate_programs_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| recent_games_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| recent_reward_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| referral_plans_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| risk_fraud_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| segments_computing_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| segments_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| segments_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| sms_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| sportbook_bet_detail_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| spotlight-search_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| sync_game_to_ec_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| telescope_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| tournaments_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| tournaments_spinbet_staging.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| wagering_requirements_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| webhook_call_spinbet_staging | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
Secrets Manager
Total Secrets: 2
Without Rotation: 2
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| spinbet-staging-rds-admin-password | - | secretsmanager |
Disabled | - | 2025-08-21 | - |
| spinbet-staging-redshift-admin-password | - | secretsmanager |
Disabled | - | 2025-08-15 | - |
CloudWatch Log Groups
Total Log Groups: 5
Without Retention Policy: 1
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/rds/instance/spinbet-staging-db-master/error |
Never Expire | 7.69 KB |
/ecs/spinbet-staging-api |
365 | 0 B |
/ecs/spinbet-staging-callback |
365 | 0 B |
RDSOSMetrics |
30 | 110.01 MB |
spinbet-staging-backend-redis-slowlog |
365 | 0 B |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| spinbet-staging-other-ecs-alb | APPLICATION | internet-facing | active | spinbet-staging-other-ecs-alb-889374511.ap-northeast-1.elb.amazonaws.com | vpc-0e65726e2e520507e | 2 | HTTP:80, HTTPS:443 | 9 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| spinbet-staging-api-cb-ecs-alb | APPLICATION | internet-facing | active | spinbet-staging-api-cb-ecs-alb-152174138.ap-northeast-1.elb.amazonaws.com | vpc-0e65726e2e520507e | 2 | HTTPS:443, HTTP:80 | 3 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
| spinbet-staging-ecs-internal-alb | APPLICATION | internal | active | internal-spinbet-staging-ecs-internal-alb-2073316100.ap-northeast-1.elb.amazonaws.com | vpc-0e65726e2e520507e | 2 | HTTPS:443, HTTP:80 | 1 | map-migrated=migS0EK6JMBZCCustomer=spinbetEnvironment=staging |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| spinbet-staging-other-ecs-alb | spinbet-staging-bo-tg-443 | HTTPS | 443 | instance | HTTPS:/player/api/v1/ping |
| spinbet-staging-other-ecs-alb | spinbet-staging-cdn-cms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| spinbet-staging-other-ecs-alb | spinbet-staging-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-staging-other-ecs-alb | spinbet-staging-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| spinbet-staging-other-ecs-alb | spinbet-staging-graylog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-staging-other-ecs-alb | spinbet-staging-intglog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-staging-other-ecs-alb | spinbet-staging-metbase-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-staging-other-ecs-alb | spinbet-staging-mon-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbet-staging-other-ecs-alb | spinbet-staging-ws-tg-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| spinbet-staging-api-cb-ecs-alb | spinbet-staging-api-tg-443 | HTTPS | 443 | ip | HTTPS:/robots.txt |
| spinbet-staging-api-cb-ecs-alb | spinbet-staging-callbck-tg-443 | HTTPS | 443 | ip | HTTPS:/player/api/v1/ping |
| spinbet-staging-api-cb-ecs-alb | spinbet-staging-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| spinbet-staging-ecs-internal-alb | spinbet-staging-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| spinbet-staging-allow-local | sg-048359435fb5e0911 |
vpc-0e65726e2e520507e | APPLICATION(1), EC2(7), ECS(3) | All, tcp:0-65535, tcp:5439 | All | No | Environment=stagingmap-migrated=migS0EK6JMBZCCustomer=spinbet |
| cloudnomads-cdk-builder | sg-05a017e31275ee62e |
vpc-011d8d8b8e2bdefab | EC2(1) | tcp:3389 | All | No | aws:cloudformation:stack-name=cloudnomads-cdk-builderaws:cloudformation:logical-id=CdkBuilderSgaws:cloudformation:stack-id=arn:aws:cloudformation:ap-northeast-1:013255267519:stack/cloudnomads-cdk-builder/337be920-71c5-11f0-8a48-0a8944a8fdc5 |
| staging-tokyo-frontend-sg | sg-0227c2e09e9792cad |
vpc-0837e2a089f5a1ea2 | EC2(1) | tcp:22, tcp:3000, tcp:443, tcp:80 | All | Yes | Application=frontendBrand=spinbetEnvironment=stagingLocation=tokyo |
| spinbet-staging-allow-local-port-3306 | sg-0d65c47d27b995faf |
vpc-0e65726e2e520507e | RDS(1) | tcp:0-65535, tcp:3306 | All | No | Environment=stagingCustomer=spinbetmap-migrated=migS0EK6JMBZC |
| spinbet-staging-allow-http-https | sg-0acd965cdbc95da80 |
vpc-0e65726e2e520507e | APPLICATION(2) | tcp:443, tcp:80 | All | Yes | map-migrated=migS0EK6JMBZCEnvironment=stagingCustomer=spinbet |
| spinbet-staging-allow-ssh | sg-0ff4bc64dd6b28c7b |
vpc-0e65726e2e520507e | EC2(1) | tcp:22 | All | No | Customer=spinbetmap-migrated=migS0EK6JMBZCEnvironment=staging |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
spinbet-staging-allow-local sg-048359435fb5e0911 |
Inbound | tcp | 5439 | 11.0.0.0/16 |
spinbet-staging-allow-local sg-048359435fb5e0911 |
Inbound | tcp | 0-65535 | sg: sg-048359435fb5e0911 |
spinbet-staging-allow-local sg-048359435fb5e0911 |
Inbound | All | All | 10.0.3.0/24, 10.0.4.0/24, 10.0.2.0/24, 10.0.1.0/24 |
cloudnomads-cdk-builder sg-05a017e31275ee62e |
Inbound | tcp | 3389 | 84.254.23.220/32 |
staging-tokyo-frontend-sg sg-0227c2e09e9792cad |
Inbound | tcp | 80 | 0.0.0.0/0 |
staging-tokyo-frontend-sg sg-0227c2e09e9792cad |
Inbound | tcp | 22 | 0.0.0.0/0 |
staging-tokyo-frontend-sg sg-0227c2e09e9792cad |
Inbound | tcp | 3000 | 0.0.0.0/0 |
staging-tokyo-frontend-sg sg-0227c2e09e9792cad |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbet-staging-allow-local-port-3306 sg-0d65c47d27b995faf |
Inbound | tcp | 0-65535 | sg: sg-0d65c47d27b995faf |
spinbet-staging-allow-local-port-3306 sg-0d65c47d27b995faf |
Inbound | tcp | 3306 | 11.0.0.0/16, 10.0.3.0/24, 10.0.1.0/24, 10.0.2.96/32 |
spinbet-staging-allow-http-https sg-0acd965cdbc95da80 |
Inbound | tcp | 80 | 0.0.0.0/0 |
spinbet-staging-allow-http-https sg-0acd965cdbc95da80 |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbet-staging-allow-ssh sg-0ff4bc64dd6b28c7b |
Inbound | tcp | 22 | 115.78.100.17/32, 119.93.179.143/32, 14.161.16.211/32, 115.79.29.29/32 |
spinbet-staging-allow-local sg-048359435fb5e0911 |
Outbound | All | All | 0.0.0.0/0 |
cloudnomads-cdk-builder sg-05a017e31275ee62e |
Outbound | All | All | 0.0.0.0/0 |
staging-tokyo-frontend-sg sg-0227c2e09e9792cad |
Outbound | All | All | 0.0.0.0/0 |
spinbet-staging-allow-local-port-3306 sg-0d65c47d27b995faf |
Outbound | All | All | 0.0.0.0/0 |
spinbet-staging-allow-http-https sg-0acd965cdbc95da80 |
Outbound | All | All | 0.0.0.0/0 |
spinbet-staging-allow-ssh sg-0ff4bc64dd6b28c7b |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
2
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
9
Unencrypted EBS Volumes
0
Unencrypted RDS
56
SQS Without Encryption
Logging & Monitoring (Section 5.3)
1
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
56
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers