AWS Compliance Audit Report - Spinbit Development

User Name	MFA Enabled	Access Key ID	Key Status	Key Created
developers	No	-	-	-
spinbit_dev_cms_nginx_s3_gateway	No	`AKIAZNM4CQW5YRTE57N5`	Active	2025-10-24
spinbit_dev_ecs_deploy	No	`AKIAZNM4CQW5URLL7EOS`	Active	2025-10-24
spinbit_dev_s3upload	No	`AKIAZNM4CQW5QMOYIQMC`	Active	2025-10-23
spinbit_dev_sqs	No	`AKIAZNM4CQW55RJZ3UNY`	Active	2025-10-23

🌐 VPCs & Subnets

Name	VPC ID	CIDR Block	State	Tenancy	Tags
aws-controltower-VPC	`vpc-0cc6368c49befcef7`	172.31.0.0/16	available	default	aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878daws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:647256769979:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878d/9aee92b0-2abc-11f0-9efe-029b9ec7df45aws:cloudformation:logical-id=VPC
spinbit-dev-vpc	`vpc-09dccd980d4725980`	172.20.0.0/16	available	default	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC

Subnets

Name	Subnet ID	VPC ID	CIDR Block	AZ	Available IPs	Public IP on Launch	Tags
spinbit-dev-public-subnet-1	`subnet-0eb409c50b2ed0457`	vpc-09dccd980d4725980	172.20.2.0/24	eu-west-2a	245	No	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
spinbit-dev-private-subnet-2	`subnet-0ee66cb2fe45fc65b`	vpc-09dccd980d4725980	172.20.3.0/24	eu-west-2b	248	No	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC
aws-controltower-PrivateSubnet2A	`subnet-022a98229604df623`	vpc-0cc6368c49befcef7	172.31.32.0/20	eu-west-2b	4091	No	Network=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878daws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:647256769979:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878d/9aee92b0-2abc-11f0-9efe-029b9ec7df45aws:cloudformation:logical-id=PrivateSubnet2A
aws-controltower-PrivateSubnet1A	`subnet-0d6b29fa3df45e8b6`	vpc-0cc6368c49befcef7	172.31.64.0/20	eu-west-2a	4091	No	aws:cloudformation:logical-id=PrivateSubnet1Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878dNetwork=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:647256769979:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878d/9aee92b0-2abc-11f0-9efe-029b9ec7df45
spinbit-dev-private-subnet-1	`subnet-07298a93b60a0dba4`	vpc-09dccd980d4725980	172.20.1.0/24	eu-west-2a	244	No	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
aws-controltower-PrivateSubnet3A	`subnet-0e49a3f64bf19d39d`	vpc-0cc6368c49befcef7	172.31.80.0/20	eu-west-2c	4091	No	aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878dNetwork=Privateaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:647256769979:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878d/9aee92b0-2abc-11f0-9efe-029b9ec7df45aws:cloudformation:logical-id=PrivateSubnet3A
spinbit-dev-public-subnet-2	`subnet-0a90907283b0a5eef`	vpc-09dccd980d4725980	172.20.4.0/24	eu-west-2b	248	No	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC

🖥️ EC2 Instances

Name	Instance ID	Type	State	Public IP	Private IP	VPC	Security Groups	AMI	Key Pair	IAM Profile	EBS Volumes	IMDSv2	Tags
spinbit_dev_bastion_host	`i-08438eb77fc2e5f31`	t2.micro	running	3.11.2.76	172.20.2.109	vpc-09dccd980d4725980	sg-03c87f996c807b3de	ami-0505148b3591e4c07	spinbit_dev_new_Jul2025	SSMInstanceProfile	2	optional	map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbit
spinbit_dev_sharky	`i-0bf0c1930eb0b5e16`	t3a.small	running	-	172.20.1.20	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-0b0f246717f445acb	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	optional	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
spinbit_dev_integration_graylog	`i-039fcc2e0d5b30ff5`	t3a.medium	running	3.9.176.8	172.20.2.117	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-0944ea252fa7612db	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	optional	Environment=devCustomer=spinbitmap-migrated=migS0EK6JMBZC
spinbit_dev_elk	`i-094f4e0edb64be3cc`	t3a.medium	running	18.133.241.70	172.20.2.145	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-0fcf3d5ac70b0a38a	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	optional	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC
spinbit_dev_graylog	`i-04bdf27286190f29c`	t3a.medium	running	18.133.182.100	172.20.2.185	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-0abd7b2cc08c20b7b	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	optional	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC
Temporary-spinbit-devops	`i-0829993c5bfb11af1`	c5a.2xlarge	stopped	-	172.20.1.237	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-046c2381f11878233	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	required	-
ECS Instance - EC2ContainerService-spinbit-dev-ecs-cluster	`i-0c7daea1f0975fd5d`	m6a.2xlarge	running	-	172.20.3.241	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-02ef2f8ea6a7806b2	spinbit_dev_new_Jul2025	SSM_EcsInstanceProfile	1	optional	aws:ec2launchtemplate:id=lt-0a14e07c66b4a654eAmazonECSManaged=ECS Cluster managed by Amazonaws:autoscaling:groupName=spinbit-dev-Asg-ecs-clusterEnvironment=devaws:ec2launchtemplate:version=2Customer=spinbit
spinbit_dev_bitbucket_runner_0_spot_instance	`i-0e7d1cc39ceebc443`	m5a.large	running	-	172.20.1.249	vpc-09dccd980d4725980	sg-00acb62ed3cd7cc05	ami-0e5c6fd86fc5025fd	spinbit_dev_new_Jul2025	SSMInstanceProfile	1	optional	Customer=spinbitEnvironment=devaws:ec2spot:fleet-request-id=sfr-2a866c36-2ab4-422a-b30e-5a8a51c41ce1

💾 EBS Volumes

Name	Volume ID	Size (GiB)	Type	State	Encrypted	IOPS	Attached Instance	Device	AZ	Tags
-	`vol-07151a5d297bb0936`	200	gp3	in-use	No	3000	i-0829993c5bfb11af1	/dev/sda1	eu-west-2a	-
spinbit_dev_integration_graylog_volume	`vol-03aeeea6639aa8c56`	40	gp3	in-use	No	3000	i-039fcc2e0d5b30ff5	/dev/sda1	eu-west-2a	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC
spinbit_dev_elk_volume	`vol-0779461b7952fbc56`	30	gp3	in-use	No	3000	i-094f4e0edb64be3cc	/dev/sda1	eu-west-2a	Environment=devmap-migrated=migS0EK6JMBZCCustomer=spinbit
-	`vol-004dbd133ea9c67f0`	200	gp3	in-use	No	3000	i-08438eb77fc2e5f31	/dev/sdo	eu-west-2a	-
spinbit_dev_graylog_volume	`vol-0326579f3221bc8ac`	50	gp3	in-use	No	3000	i-04bdf27286190f29c	/dev/sda1	eu-west-2a	Environment=devCustomer=spinbitmap-migrated=migS0EK6JMBZC
spinbit_dev_sharky_volume	`vol-0b0970eff8c7ff94e`	15	gp3	in-use	No	3000	i-0bf0c1930eb0b5e16	/dev/sda1	eu-west-2a	map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbit
spinbit_dev_bastion_host_volume	`vol-01f7b258cdd66172a`	10	gp3	in-use	No	3000	i-08438eb77fc2e5f31	/dev/sda1	eu-west-2a	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
-	`vol-05134332921dc47bc`	100	gp3	in-use	No	3000	i-0c7daea1f0975fd5d	/dev/xvda	eu-west-2b	-
-	`vol-0784f5139cf2c0d3c`	30	gp3	in-use	No	3000	i-0e7d1cc39ceebc443	/dev/sda1	eu-west-2a	-

🐳 ECS Clusters

Cluster Name	Status	Running Tasks	Pending Tasks	Active Services	Container Instances
spinbit-dev-ecs-cluster	ACTIVE	11	0	11	1

⚙️ ECS Services

Service Name	Status	Desired	Running	Launch Type	Task Definition	Load Balancers	Security Groups

📋 ECS Task Definitions (Active)

Family	Rev	CPU	Memory	Containers	Task Role	Privileged	Env Vars	Secrets	Log Config

Container Configuration Detail

⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.

Task Definition	Container	Image	Log Config	Plaintext Env Vars	Secrets (SSM/SM)

🗄️ RDS Instances

DB Identifier	Engine	Class	Status	Storage	Encrypted	Multi-AZ	Public	Backup	Delete Prot.	Tags
spinbit-dev-aurora-primary-cluster-instance-0	aurora-mysql 8.0.mysql_aurora.3.10.0	db.t4g.medium	available	1 GiB	Yes	No	No	7d	No	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev

⚡ Lambda Functions

Function Name	Runtime	Memory	Timeout	VPC	Last Modified	Tags
aws-controltower-NotificationForwarder	python3.13	128 MB	60s	No VPC	2025-08-21	aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:647256769979:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-b9ec22bd-8acf-4dbd-ba80-8d4a1444f969/208746c0-2abc-11f0-b406-0a1a25bbf005aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-b9ec22bd-8acf-4dbd-ba80-8d4a1444f969

📨 SQS Queues

Total Queues: 59

Without Encryption: 59

Without DLQ: 59

Queue Name	Type	Encrypted	DLQ Configured	Visibility Timeout	Tags
accumulate_bonus_programs_ref_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
accumulate_bonus_programs_referral_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
accumulate_bonus_programs_settle_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
accumulate_bonus_programs_spinbit_dev	Standard	No	No	3000s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
ad_checks_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
assign_new_game_to_bonus_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
assign_new_game_to_game_segment_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
audit_logs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
automatic_withdrawal_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
betting_limit_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
bonuses_spinbit_dev	Standard	No	No	3010s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
broadcast_balance_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
broadcast_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
calendar_bonus_programs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
campaign_message_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
casino_bet_detail_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
compliance_actions_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
compliances_computing_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
compliances_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
compliances_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
crm_high_intercom_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
crm_high_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
crm_intercom_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
crm_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
default_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
emails_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
export_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
game_log_locks_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
game_logs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
game_logs_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
import_batches_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
kyc_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
loyalty_programs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
payment_integration_logs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_activities_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_flagged_computing_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_tips_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_tracking_session_computing_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_transaction_summary_realtime_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_transactional_summary_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
player_vip_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
prune_open_bets_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
quests_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
rebate_programs_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
recent_games_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
referral_plans_spinbit_dev	Standard	No	No	3010s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
risk_fraud_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
segments_computing_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
segments_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
segments_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
sms_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
sportbook_bet_detail_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
spotlight-search_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
telescope_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
tournaments_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
tournaments_spinbit_dev.fifo	FIFO	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
trigger_scheduled_programs_spinbit_dev	Standard	No	No	3000s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
wagering_requirements_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
webhook_call_spinbit_dev	Standard	No	No	300s	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev

🔑 Secrets Manager

Total Secrets: 2

Without Rotation: 2

Secret Name	Description	KMS Key	Rotation	Last Rotated	Last Accessed	Tags
spinbit-dev-rds-admin-password	spinbit-dev-rds-admin-password	`secretsmanager`	Disabled	-	2026-01-15	env=devcustomer=spinbit
spinbit-dev-redshift-admin-password	spinbit-dev-redshift-admin-password	`secretsmanager`	Disabled	-	2026-01-15	env=devcustomer=spinbit

📋 CloudWatch Log Groups

Total Log Groups: 7

Without Retention Policy: 4

Log Group Name	Retention (Days)	Stored Size
`/aws/lambda/aws-controltower-NotificationForwarder`	14	0 B
`/aws/rds/cluster/spinbit-dev-primary-cluster/error`	Never Expire	80.04 MB
`/aws/rds/instance/spinbit-dev-db-master/error`	Never Expire	23.44 KB
`/aws/rds/instance/spinbit-dev-db-replication/error`	Never Expire	43.06 KB
`RDSOSMetrics`	30	71.57 MB
`StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-6fed3bc6-287e-427d-b17b-fb0f940a878d-VPCFlowLogsLogGroup-rxo2Lje1p4PS`	90	0 B
`dms-tasks-spinbit-dev-dms-replication-instance`	Never Expire	4.78 MB

⚖️ Application & Network Load Balancers

Name	Type	Scheme	State	DNS Name	VPC	AZs	Listeners	Target Groups	Tags
spinbit-dev-ecs-alb	APPLICATION	internet-facing	active	spinbit-dev-ecs-alb-1459382359.eu-west-2.elb.amazonaws.com	vpc-09dccd980d4725980	2	HTTP:80, HTTPS:443	12	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev

Target Groups

Load Balancer	Target Group Name	Protocol	Port	Target Type	Health Check
spinbit-dev-ecs-alb	spinbit-dev-api-tg-441	HTTPS	441	instance	HTTPS:/robots.txt
spinbit-dev-ecs-alb	spinbit-dev-bo-tg-440	HTTPS	440	instance	HTTPS:/robots.txt
spinbit-dev-ecs-alb	spinbit-dev-callbk-tg-442	HTTPS	442	instance	HTTPS:/robots.txt
spinbit-dev-ecs-alb	spinbit-dev-cdncms-tg-449	HTTPS	449	instance	HTTPS:/health
spinbit-dev-ecs-alb	spinbit-dev-cms-tg-444	HTTPS	444	instance	HTTPS:/
spinbit-dev-ecs-alb	spinbit-dev-elk-tg-443	HTTPS	443	instance	HTTPS:/
spinbit-dev-ecs-alb	spinbit-dev-fasttrckproxy-tg-445	HTTPS	445	instance	HTTPS:/healthcheck
spinbit-dev-ecs-alb	spinbit-dev-fe-tg-443	HTTPS	443	instance	HTTPS:/robots.txt
spinbit-dev-ecs-alb	spinbit-dev-graylg-tg-443	HTTPS	443	instance	HTTPS:/
spinbit-dev-ecs-alb	spinbit-dev-intgrlg-tg443	HTTPS	443	instance	HTTPS:/
spinbit-dev-ecs-alb	spinbit-dev-seonproxy-tg-450	HTTPS	450	instance	HTTPS:/healthcheck
spinbit-dev-ecs-alb	spinbit-dev-wbsket-tg6002	HTTPS	6002	instance	HTTPS:/

🔐 Security Groups (In Use)

Name	Group ID	VPC	Used By	Inbound Ports	Outbound Ports	Open to Internet	Tags
spinbit-dev-allow-ssh	`sg-03c87f996c807b3de`	vpc-09dccd980d4725980	EC2(1)	tcp:22	All	No	Customer=spinbitEnvironment=devmap-migrated=migS0EK6JMBZC
spinbit-dev-allow-local-port-3306	`sg-0eeb934df94931149`	vpc-09dccd980d4725980	RDS(1)	tcp:3306	All	No	map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbit
spinbit-dev-allow-local	`sg-00acb62ed3cd7cc05`	vpc-09dccd980d4725980	EC2(7)	All	All	No	map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=dev
spinbit-dev-allow-http-https	`sg-0d1e6b4c302b4cb3f`	vpc-09dccd980d4725980	APPLICATION(1)	tcp:443, tcp:80	All	Yes	map-migrated=migS0EK6JMBZCEnvironment=devCustomer=spinbit

Security Group Rules Detail

Security Group	Direction	Protocol	Port Range	Source/Destination
spinbit-dev-allow-ssh `sg-03c87f996c807b3de`	Inbound	tcp	22	18.134.162.129/32, 14.161.16.211/32, 119.93.179.143/32, 136.158.7.103/32, 13.42.111.188/32, 118.69.133.85/32
spinbit-dev-allow-local-port-3306 `sg-0eeb934df94931149`	Inbound	tcp	3306	172.20.1.0/24, 172.20.3.0/24, 172.20.2.109/32, 172.20.2.59/32
spinbit-dev-allow-local `sg-00acb62ed3cd7cc05`	Inbound	All	All	172.20.3.0/24, 172.20.4.0/24, 172.20.1.0/24, 172.20.2.0/24
spinbit-dev-allow-http-https `sg-0d1e6b4c302b4cb3f`	Inbound	tcp	80	0.0.0.0/0
spinbit-dev-allow-http-https `sg-0d1e6b4c302b4cb3f`	Inbound	tcp	443	0.0.0.0/0
spinbit-dev-allow-ssh `sg-03c87f996c807b3de`	Outbound	All	All	0.0.0.0/0
spinbit-dev-allow-local-port-3306 `sg-0eeb934df94931149`	Outbound	All	All	0.0.0.0/0
spinbit-dev-allow-local `sg-00acb62ed3cd7cc05`	Outbound	All	All	0.0.0.0/0
spinbit-dev-allow-http-https `sg-0d1e6b4c302b4cb3f`	Outbound	All	All	0.0.0.0/0

🛡️ Compliance Findings

Network & Security (Section 5.2)

1

Open Security Groups (0.0.0.0/0)

7

EC2 Without IMDSv2

Yes

CloudTrail Enabled

Data Protection (Section 5.4)

9

Unencrypted EBS Volumes

0

Unencrypted RDS

59

SQS Without Encryption

Logging & Monitoring (Section 5.3)

4

Log Groups (No Retention)

RDS Standards (Section 7)

0

Public RDS Instances

1

RDS Without Multi-AZ

0

RDS Without Backups

Lambda Standards (Section 7)

0

Lambda Default Timeout (3s)

1

Lambda Without DLQ

SQS Standards (Section 7)

59

SQS Without DLQ

ECS Standards (Section 7)

0

Plaintext Env Vars

0

Privileged Containers

GLOBAL

REGIONS

🔐 IAM (Global)

5

5

0

0

📍 Region: eu-west-2