🔐 IAM (Global)
IAM Compliance Findings
9
Total IAM Users
9
Users Without MFA
4
Access Keys >90 Days Old
0
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| developers | No | - | - | - |
| spinbit_prod_cms_nginx_s3_gateway | No | AKIAX3JRQ6O2PQ2ZJAZQ | Active | 2025-09-28 |
| spinbit_prod_ecs_deploy | No | AKIAX3JRQ6O2CKWVDXKZ | Active | 2025-09-29 |
| spinbit_prod_grafana | No | - | - | - |
| spinbit_prod_infras_watcher | No | AKIAX3JRQ6O2JJZJTOF5 | Active | 2025-11-21 |
| spinbit_prod_s3upload | No | AKIAX3JRQ6O2OFZEUK7K | Active | 2025-09-28 |
| spinbit_prod_sqs | No | AKIAX3JRQ6O2FE4DESTA | Active | 2025-09-28 |
| spintech_bi | No | - | - | - |
| test_canle_spinbit | No | - | - | - |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-0b14683af309f7064 |
172.31.0.0/16 | available | default | aws:cloudformation:logical-id=VPCaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:539659137972:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5/af10d960-2bd9-11f0-aa18-0a18e0d3f989aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5 |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet2A | subnet-0ba456aa3f2f3458c |
vpc-0b14683af309f7064 | 172.31.32.0/20 | eu-west-2b | 4091 | No | Network=Privateaws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:539659137972:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5/af10d960-2bd9-11f0-aa18-0a18e0d3f989aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5 |
| aws-controltower-PrivateSubnet3A | subnet-03dd421ecd34b7604 |
vpc-0b14683af309f7064 | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5Network=Privateaws:cloudformation:logical-id=PrivateSubnet3Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:539659137972:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5/af10d960-2bd9-11f0-aa18-0a18e0d3f989 |
| aws-controltower-PrivateSubnet1A | subnet-0cbbba599de0d4365 |
vpc-0b14683af309f7064 | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:539659137972:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5/af10d960-2bd9-11f0-aa18-0a18e0d3f989Network=Privateaws:cloudformation:logical-id=PrivateSubnet1Aaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5 |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:539659137972:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-1712f7cc-68c6-4c9f-be53-34ad957bb53c/34e3d750-2bd9-11f0-8f8f-06410dbb9423aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-1712f7cc-68c6-4c9f-be53-34ad957bb53c |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-25a699d8-7eb5-4840-8667-9e7c4e1bf5c5-VPCFlowLogsLogGroup-wm7oSuoXEZ9y |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-east-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| spinbit-prod-vpc | vpc-09b074fdbeb9bb741 |
10.0.0.0/16 | available | default | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| spinbit-prod-public-subnet-2 | subnet-03db162adfea642f4 |
vpc-09b074fdbeb9bb741 | 10.0.4.0/24 | ap-east-1b | 246 | No | map-migrated=migS0EK6JMBZCEnvironment=prodCustomer=spinbit |
| spinbit-prod-private-subnet-2 | subnet-05b474da4868329fb |
vpc-09b074fdbeb9bb741 | 10.0.3.0/24 | ap-east-1b | 232 | No | Customer=spinbitmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbit-prod-public-subnet-1 | subnet-07fa3fefc35dfaeef |
vpc-09b074fdbeb9bb741 | 10.0.2.0/24 | ap-east-1a | 241 | No | Customer=spinbitmap-migrated=migS0EK6JMBZCEnvironment=prod |
| spinbit-prod-private-subnet-1 | subnet-08618901e3b4f8142 |
vpc-09b074fdbeb9bb741 | 10.0.1.0/24 | ap-east-1a | 227 | No | Environment=prodCustomer=spinbitmap-migrated=migS0EK6JMBZC |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| spinbit_prod_monitoring | i-0f2ecba021ce03a2f |
t3.medium | running | - | 10.0.1.116 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-0a016692298cf2ee2 | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | required | Customer=spinbitEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbit_prod_bastion_host | i-0c8da9de550e5f633 |
t3.small | running | 54.46.32.91 | 10.0.2.127 | vpc-09b074fdbeb9bb741 | sg-0511ef4a06bd1c829 | ami-0b1d874a4aa2bdbc4 | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | Customer=spinbitEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbit_prod_mongodb_cms | i-0fc6d92a765233dda |
t3.medium | running | - | 10.0.1.180 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-0167ea8cea7e4be9d | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | Customer=spinbitEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbit_prod_elk | i-04d6e0a079b40f0dc |
t3.large | running | 54.46.121.10 | 10.0.2.216 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-06f59eb5286708ef8 | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| temporary-spinbit-prod-for-migrations | i-05c3c68d1f1aa6cc4 |
t3.medium | stopped | - | 10.0.2.103 | vpc-09b074fdbeb9bb741 | sg-0511ef4a06bd1c829, sg-07c33855522b17437 | ami-0b561d33293a76a1c | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | required | - |
| spinbit_prod_graylog | i-0e427dafb7f05b16e |
r5.xlarge | running | 95.40.88.149 | 10.0.2.22 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-0f601df3216599ebc | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | map-migrated=migS0EK6JMBZCEnvironment=prodCustomer=spinbit |
| Temporary_Bitbucket_Runner_Spinbit_prod | i-057c81632be798fd2 |
t3.large | running | - | 10.0.1.137 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-0b561d33293a76a1c | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | required | - |
| ECS Instance - EC2ContainerService-spinbit-prod-fe-cms-cdn-websocket-ecs-cluster | i-043e9a4498810829e |
c5a.2xlarge | running | - | 10.0.1.100 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | AmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:version=2Environment=prodaws:autoscaling:groupName=spinbit-prod-Asg-fe-cms-cdn-websocket-ecs-clusterCustomer=spinbitaws:ec2launchtemplate:id=lt-0ddce1ccda516eee3 |
| spinbit_prod_integration_graylog | i-0ce67cd367e624c90 |
t3.xlarge | running | 18.162.156.120 | 10.0.2.61 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-013f99c993b4f038f | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | Environment=prodCustomer=spinbitmap-migrated=migS0EK6JMBZC |
| ECS Instance - EC2ContainerService-spinbit-prod-bo-agent-ecs-cluster | i-085a9435c660ef878 |
c5a.4xlarge | running | - | 10.0.1.254 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | aws:autoscaling:groupName=spinbit-prod-Asg-bo-agent-ecs-clusterCustomer=spinbitAmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:id=lt-07c76f49539eb2648Environment=prodaws:ec2launchtemplate:version=1 |
| ECS Instance - EC2ContainerService-spinbit-prod-fe-cms-cdn-websocket-ecs-cluster | i-0ea43257fd88a8d38 |
c5a.2xlarge | running | - | 10.0.1.246 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | aws:autoscaling:groupName=spinbit-prod-Asg-fe-cms-cdn-websocket-ecs-clusteraws:ec2launchtemplate:id=lt-0ddce1ccda516eee3AmazonECSManaged=ECS Cluster managed by AmazonEnvironment=prodaws:ec2launchtemplate:version=2Customer=spinbit |
| spinbit_prod_metabase | i-0be4321a6cdd18484 |
t3.medium | running | - | 10.0.1.170 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-0e3b1b033c6002876 | spinbit_prod_Sept2024 | SSMInstanceProfile | 1 | optional | Environment=prodCustomer=spinbitmap-migrated=migS0EK6JMBZC |
| ECS Instance - EC2ContainerService-spinbit-prod-cronjob-ecs-cluster | i-0f2ac487f0e95ad8b |
t3.large | running | - | 10.0.3.27 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | Environment=prodaws:ec2launchtemplate:id=lt-0d8e572a811ab5032Customer=spinbitaws:ec2launchtemplate:version=2aws:autoscaling:groupName=spinbit-prod-Asg-cronjob-ecs-clusterAmazonECSManaged=ECS Cluster managed by Amazon |
| ECS Instance - EC2ContainerService-spinbit-prod-bo-agent-ecs-cluster | i-07859823b847563c4 |
c5a.4xlarge | running | - | 10.0.3.104 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | Customer=spinbitEnvironment=prodaws:ec2launchtemplate:version=1aws:ec2launchtemplate:id=lt-07c76f49539eb2648AmazonECSManaged=ECS Cluster managed by Amazonaws:autoscaling:groupName=spinbit-prod-Asg-bo-agent-ecs-cluster |
| ECS Instance - EC2ContainerService-spinbit-prod-fe-cms-cdn-websocket-ecs-cluster | i-07b29fdc9c197cf81 |
c5a.2xlarge | running | - | 10.0.3.165 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | Customer=spinbitAmazonECSManaged=ECS Cluster managed by AmazonEnvironment=prodaws:ec2launchtemplate:version=2aws:autoscaling:groupName=spinbit-prod-Asg-fe-cms-cdn-websocket-ecs-clusteraws:ec2launchtemplate:id=lt-0ddce1ccda516eee3 |
| ECS Instance - EC2ContainerService-spinbit-prod-fe-cms-cdn-websocket-ecs-cluster | i-00ff2e0d5b383146c |
c5a.2xlarge | running | - | 10.0.3.24 | vpc-09b074fdbeb9bb741 | sg-020f19ed3009e9732 | ami-035fccda7ffa2f58a | spinbit_prod_Sept2024 | SSM_EcsInstanceProfile | 1 | required | Customer=spinbitaws:ec2launchtemplate:id=lt-0ddce1ccda516eee3aws:autoscaling:groupName=spinbit-prod-Asg-fe-cms-cdn-websocket-ecs-clusterEnvironment=prodaws:ec2launchtemplate:version=2AmazonECSManaged=ECS Cluster managed by Amazon |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| - | vol-0648a99babffa04bb |
100 | gp3 | in-use | No | 3000 | i-07b29fdc9c197cf81 | /dev/xvda | ap-east-1b | - |
| spinbit_prod_graylog_volume | vol-0ad2e1339a604fe07 |
2200 | gp3 | in-use | No | 3000 | i-0e427dafb7f05b16e | /dev/sda1 | ap-east-1a | Environment=prodCustomer=spinbit |
| - | vol-06be02d845ee880ab |
50 | gp3 | in-use | No | 3000 | i-085a9435c660ef878 | /dev/xvda | ap-east-1a | - |
| spinbit_prod_integration_graylog_volume | vol-0230edd857b542a39 |
2000 | gp3 | in-use | No | 3000 | i-0ce67cd367e624c90 | /dev/sda1 | ap-east-1a | Environment=prodCustomer=spinbit |
| - | vol-0af4e7b7e7363799a |
100 | gp3 | in-use | No | 3000 | i-0ea43257fd88a8d38 | /dev/xvda | ap-east-1a | - |
| - | vol-0ddeb811a1c69856f |
300 | gp3 | in-use | No | 3000 | i-05c3c68d1f1aa6cc4 | /dev/sda1 | ap-east-1a | - |
| - | vol-032bbac8d3a875bf5 |
100 | gp3 | in-use | No | 3000 | i-043e9a4498810829e | /dev/xvda | ap-east-1a | - |
| - | vol-050148c8c89515e51 |
50 | gp3 | in-use | No | 3000 | i-07859823b847563c4 | /dev/xvda | ap-east-1b | - |
| spinbit_prod_mongodb_cms_volume | vol-0f2117a1571785942 |
50 | gp3 | in-use | No | 3000 | i-0fc6d92a765233dda | /dev/sda1 | ap-east-1a | Customer=spinbitEnvironment=prod |
| spinbit_prod_metabase_volume | vol-0f5e615b3c9d92441 |
50 | gp3 | in-use | No | 3000 | i-0be4321a6cdd18484 | /dev/sda1 | ap-east-1a | Customer=spinbitEnvironment=prod |
| spinbit_prod_bastion_host_volume | vol-05dce0948c0ad32a1 |
20 | gp3 | in-use | No | 3000 | i-0c8da9de550e5f633 | /dev/sda1 | ap-east-1a | Environment=prodCustomer=spinbit |
| - | vol-07153459fe9e4cce5 |
100 | gp3 | in-use | No | 3000 | i-00ff2e0d5b383146c | /dev/xvda | ap-east-1b | - |
| spinbit_prod_elk_volume | vol-002099077e96fc3a9 |
50 | gp3 | in-use | No | 3000 | i-04d6e0a079b40f0dc | /dev/sda1 | ap-east-1a | Customer=spinbitEnvironment=prod |
| - | vol-0d83dc1239798cf85 |
50 | gp3 | in-use | No | 3000 | i-0f2ac487f0e95ad8b | /dev/xvda | ap-east-1b | - |
| spinbit_prod_monitoring_volume | vol-0227a6d3645f0d1eb |
80 | gp3 | in-use | No | 3000 | i-0f2ecba021ce03a2f | /dev/sda1 | ap-east-1a | Environment=prodCustomer=spinbit |
| - | vol-01994de2a32bbdcdc |
20 | gp3 | in-use | No | 3000 | i-057c81632be798fd2 | /dev/sda1 | ap-east-1a | - |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| spinbit-prod-api-fargate-ecs-cluster | ACTIVE | 8 | 0 | 1 | 0 |
| spinbit-prod-bo-agent-ecs-cluster | ACTIVE | 3 | 0 | 1 | 2 |
| spinbit-prod-callback-fargate-ecs-cluster | ACTIVE | 10 | 0 | 1 | 0 |
| spinbit-prod-queue-worker-fargate-ecs-cluster | ACTIVE | 2 | 0 | 1 | 0 |
| spinbit-prod-cronjob-ecs-cluster | ACTIVE | 1 | 0 | 1 | 1 |
| spinbit-prod-fe-cms-cdn-websocket-ecs-cluster | ACTIVE | 13 | 0 | 6 | 4 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| spinbit-prod-api-service | ACTIVE | 8 | 8 | FARGATE | spinbit-prod-api-task-definitions:23 | 1 target groups | sg-020f19ed3009e9732 |
| spinbit-prod-callback-service | ACTIVE | 10 | 10 | FARGATE | spinbit-prod-callback-task-definitions:23 | 1 target groups | sg-020f19ed3009e9732 |
| spinbit-prod-queue-worker-service | ACTIVE | 2 | 2 | FARGATE | spinbit-prod-queue-worker-task-definitions:25 | 0 target groups | sg-020f19ed3009e9732 |
| spinbit-prod-cronjob-service | ACTIVE | 1 | 1 | EC2 | spinbit-prod-cronjob-task-definitions:24 | 0 target groups | |
| spinbit-prod-bo-service | ACTIVE | 3 | 3 | EC2 | spinbit-prod-bo-task-definitions:23 | 1 target groups | |
| spinbit-prod-fasttrack-proxy-service | ACTIVE | 2 | 2 | EC2 | spinbit-prod-fasttrack-proxy-task-definitions:3 | 1 target groups | |
| spinbit-prod-cdn-cms-service | ACTIVE | 2 | 2 | EC2 | spinbit-prod-cdn-cms-task-definitions:3 | 1 target groups | |
| spinbit-prod-seon-proxy-service | ACTIVE | 2 | 2 | EC2 | spinbit-prod-seon-proxy-task-definitions:5 | 1 target groups | |
| spinbit-prod-fe-service | ACTIVE | 3 | 3 | EC2 | spinbit-prod-fe-task-definitions:41 | 1 target groups | |
| spinbit-prod-cms-service | ACTIVE | 2 | 2 | EC2 | spinbit-prod-cms-task-definitions:3 | 2 target groups | |
| spinbit-prod-websocket-services | ACTIVE | 2 | 2 | EC2 | spinbit-prod-websocket-task-definitions:3 | 1 target groups |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| spinbit-prod-api-task-definitions | 23 | 4096 | 8192 | 4 | Yes | No | 5 | 0 | No logs, awslogs:/ecs/spinbit-prod-api |
| spinbit-prod-bo-task-definitions | 23 | - | - | 4 | No | No | 5 | 0 | No logs, json-file |
| spinbit-prod-callback-task-definitions | 23 | 4096 | 8192 | 4 | Yes | No | 5 | 0 | No logs, awslogs:/ecs/spinbit-prod-callback |
| spinbit-prod-cdn-cms-task-definitions | 3 | - | - | 1 | No | No | 0 | 0 | No logs |
| spinbit-prod-cms-task-definitions | 3 | - | - | 2 | No | No | 1 | 0 | No logs, json-file |
| spinbit-prod-cronjob-task-definitions | 24 | - | - | 3 | No | No | 4 | 0 | No logs |
| spinbit-prod-fasttrack-proxy-task-definitions | 3 | - | - | 1 | No | No | 1 | 0 | json-file |
| spinbit-prod-fe-task-definitions | 41 | - | - | 2 | Yes | No | 1 | 0 | awslogs:/ecs/prod-spinbit-fe |
| spinbit-prod-queue-worker-task-definitions | 25 | 8192 | 40960 | 3 | Yes | No | 4 | 0 | No logs |
| spinbit-prod-seon-proxy-task-definitions | 5 | - | - | 1 | No | No | 1 | 0 | json-file |
| spinbit-prod-websocket-task-definitions | 3 | - | - | 2 | No | No | 0 | 0 | No logs, json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| spinbit-prod-api-task-definitions:23 | nginx | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0 | awslogs:/ecs/spinbit-prod-api | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-api-task-definitions:23 | terragon-api | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-api:dd3e6fe-2155-master | awslogs:/ecs/spinbit-prod-api | None | - |
| spinbit-prod-api-task-definitions:23 | filebeat | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-api-task-definitions:23 | filebeat-integration | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-bo-task-definitions:23 | nginx-bo | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:4.0 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-bo-task-definitions:23 | terragon-bo | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-bo:dd3e6fe-2155-master | No logs | None | - |
| spinbit-prod-bo-task-definitions:23 | filebeat | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-bo-task-definitions:23 | filebeat-integration | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-callback-task-definitions:23 | nginx | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0 | awslogs:/ecs/spinbit-prod-callback | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-callback-task-definitions:23 | terragon-callback | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-callback:dd3e6fe-2155-master | awslogs:/ecs/spinbit-prod-callback | None | - |
| spinbit-prod-callback-task-definitions:23 | filebeat | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-callback-task-definitions:23 | filebeat-integration | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-cdn-cms-task-definitions:3 | nginx-s3-gateway | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:s3-gateway-1.0 | No logs | None | - |
| spinbit-prod-cms-task-definitions:3 | nginx-cms | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-cms-task-definitions:3 | terragon-cms | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-cms:2a4b923-37-devops-test-deploy-to-new-prod-migrations | No logs | None | - |
| spinbit-prod-cronjob-task-definitions:24 | cronjob | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-cronjob:dd3e6fe-2155-master | No logs | None | - |
| spinbit-prod-cronjob-task-definitions:24 | filebeat | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-cronjob-task-definitions:24 | filebeat-integration | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-fasttrack-proxy-task-definitions:3 | nginx-fasttrack-proxy | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:4.0-ft | json-file | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-fe-task-definitions:41 | nginx-fe | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0 | awslogs:/ecs/prod-spinbit-fe | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-fe-task-definitions:41 | app | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-fe:c064e22-21025726411-master | awslogs:/ecs/prod-spinbit-fe | None | - |
| spinbit-prod-queue-worker-task-definitions:25 | queue-worker | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-queue-worker:dd3e6fe-2155-master | No logs | None | - |
| spinbit-prod-queue-worker-task-definitions:25 | filebeat | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:3.0 | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-queue-worker-task-definitions:25 | filebeat-integration | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-filebeat:4.0-integration | No logs | GRAYLOG_HOSTGRAYLOG_LISTEN_PORT | - |
| spinbit-prod-seon-proxy-task-definitions:5 | nginx-seon-proxy | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0-seon-v3 | json-file | NGINX_DEFAULT_CONF_FILE | - |
| spinbit-prod-websocket-task-definitions:3 | nginx-websocket | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-nginx-base:3.0 | No logs | None | - |
| spinbit-prod-websocket-task-definitions:3 | app | 539659137972.dkr.ecr.ap-east-1.amazonaws.com/spinbit-prod-soketi:1.0-16-debian | json-file | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| spinbit-prod-new-primary-cluster | aurora-mysql 8.0.mysql_aurora.3.08.2 | db.r7g.8xlarge | available | 1 GiB | Yes | No | No | 7d | No | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| spinbit-prod-new-primary-cluster-1 | aurora-mysql 8.0.mysql_aurora.3.08.2 | db.r7g.8xlarge | available | 1 GiB | Yes | No | No | 7d | No | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| sendBonusEligibility-spinbit | python3.10 | 512 MB | 30s | No VPC | 2026-01-06 | Brand=spinbitEnvironment=prodManagedBy=TerraformProject=BonusBot |
| spinbit-prod-upload-s3-objects-to-sftp | python3.13 | 128 MB | 30s | No VPC | 2025-11-07 | Customer=spinbitEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spintech-sync-images-to-spintech-global-imgix-assets-bucket | python3.13 | 128 MB | 30s | vpc-09b074fdbeb9bb741 | 2025-12-01 | map-migrated=migS0EK6JMBZC |
| getBonusEligibilityResults-spinbit | python3.10 | 256 MB | 10s | No VPC | 2026-01-14 | Brand=spinbitEnvironment=prodManagedBy=TerraformProject=BonusBot |
SQS Queues
Total Queues: 59
Without Encryption: 59
Without DLQ: 59
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_ref_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| accumulate_bonus_programs_referral_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| accumulate_bonus_programs_settle_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| accumulate_bonus_programs_spinbit_prod | Standard | No | No | 3000s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| ad_checks_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| assign_new_game_to_bonus_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| assign_new_game_to_game_segment_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| audit_logs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| automatic_withdrawal_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| betting_limit_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| bonuses_spinbit_prod | Standard | No | No | 3010s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| broadcast_balance_spinbit_prod | Standard | No | No | 300s | 1 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| broadcast_spinbit_prod | Standard | No | No | 300s | 55 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| calendar_bonus_programs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| campaign_message_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| casino_bet_detail_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| compliance_actions_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| compliances_computing_spinbit_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| compliances_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| compliances_spinbit_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| crm_high_intercom_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| crm_high_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| crm_intercom_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| crm_spinbit_prod | Standard | No | No | 300s | 3 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| default_spinbit_prod | Standard | No | No | 300s | 106 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| emails_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| export_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| game_log_locks_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| game_logs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| game_logs_spinbit_prod.fifo | FIFO | No | No | 300s | 60 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| import_batches_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| kyc_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| loyalty_programs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| payment_integration_logs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_activities_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_flagged_computing_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_tips_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_tracking_session_computing_spinbit_prod | Standard | No | No | 300s | 39 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_transaction_summary_realtime_spinbit_prod | Standard | No | No | 300s | 17 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_transactional_summary_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| player_vip_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| prune_open_bets_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| quests_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| rebate_programs_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| recent_games_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| referral_plans_spinbit_prod | Standard | No | No | 3010s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| risk_fraud_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| segments_computing_spinbit_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| segments_spinbit_prod | Standard | No | No | 300s | 2 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| segments_spinbit_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| sms_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| sportbook_bet_detail_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| spotlight-search_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| telescope_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| tournaments_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| tournaments_spinbit_prod.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| trigger_scheduled_programs_spinbit_prod | Standard | No | No | 3000s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| wagering_requirements_spinbit_prod | Standard | No | No | 300s | 53 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| webhook_call_spinbit_prod | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
Secrets Manager
Total Secrets: 3
Without Rotation: 3
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| spinbit-prod-rds-admin-password | - | secretsmanager |
Disabled | - | 2026-01-15 | - |
| spinbit-prod-redshift-admin-password | - | secretsmanager |
Disabled | - | 2026-01-15 | - |
| spinbit-prod-other-credentials | - | secretsmanager |
Disabled | - | 2026-01-16 | - |
CloudWatch Log Groups
Total Log Groups: 14
Without Retention Policy: 5
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/getBonusEligibilityResults-spinbit |
30 | 1.05 MB |
/aws/lambda/sendBonusEligibility-spinbit |
30 | 4.49 MB |
/aws/lambda/spinbit-prod-upload-s3-objects-to-sftp |
30 | 36.75 MB |
/aws/lambda/spintech-sync-images-to-spintech-global-imgix-assets-bucket |
Never Expire | 2.43 MB |
/aws/rds/cluster/spinbit-prod-primary-cluster/error |
Never Expire | 68.52 MB |
/aws/rds/instance/spinbit-prod-db-master/error |
Never Expire | 2.96 KB |
/aws/rds/instance/spinbit-prod-db-replication/error |
Never Expire | 10.53 KB |
/ecs/prod-spinbit-fe |
30 | 499.97 MB |
/ecs/spinbit-prod-api |
365 | 22.11 GB |
/ecs/spinbit-prod-callback |
365 | 20.01 GB |
RDSOSMetrics |
30 | 69.38 MB |
dms-tasks-migrations-spinbit-prod-dms-instance |
30 | 0 B |
dms-tasks-spinbit-prod-dms-replication-instance |
Never Expire | 16.35 MB |
spinbit-prod-backend-redis-slowlog |
365 | 4.35 KB |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| spinbit-prod-api-callbck-ecs-alb | APPLICATION | internet-facing | active | spinbit-prod-api-callbck-ecs-alb-1790645341.ap-east-1.elb.amazonaws.com | vpc-09b074fdbeb9bb741 | 2 | HTTPS:443, HTTP:80 | 3 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| spinbit-prod-other-ecs-alb | APPLICATION | internet-facing | active | spinbit-prod-other-ecs-alb-1524201669.ap-east-1.elb.amazonaws.com | vpc-09b074fdbeb9bb741 | 2 | HTTP:80, HTTPS:443 | 11 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| spinbit-prod-ecs-internal-alb | APPLICATION | internal | active | internal-spinbit-prod-ecs-internal-alb-1846655492.ap-east-1.elb.amazonaws.com | vpc-09b074fdbeb9bb741 | 2 | HTTPS:443, HTTP:80 | 1 | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| spinbit-prod-api-callbck-ecs-alb | spinbit-prod-api-tg-443 | HTTPS | 443 | ip | HTTPS:/robots.txt |
| spinbit-prod-api-callbck-ecs-alb | spinbit-prod-callbck-tg-443 | HTTPS | 443 | ip | HTTPS:/player/api/v1/ping |
| spinbit-prod-api-callbck-ecs-alb | spinbit-prod-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-bo-tg-443 | HTTPS | 443 | instance | HTTPS:/player/api/v1/ping |
| spinbit-prod-other-ecs-alb | spinbit-prod-cdn-cms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| spinbit-prod-other-ecs-alb | spinbit-prod-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-fastrckproxy-tg-445 | HTTPS | 445 | instance | HTTPS:/healthcheck |
| spinbit-prod-other-ecs-alb | spinbit-prod-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| spinbit-prod-other-ecs-alb | spinbit-prod-graylog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-intglog-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-metbase-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-mon-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| spinbit-prod-other-ecs-alb | spinbit-prod-seonproxy-tg-450 | HTTPS | 450 | instance | HTTPS:/healthcheck |
| spinbit-prod-other-ecs-alb | spinbit-prod-ws-tg-6002 | HTTPS | 6002 | instance | HTTPS:/ |
| spinbit-prod-ecs-internal-alb | spinbit-prod-cms-internal-444 | HTTPS | 444 | instance | HTTPS:/ |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| spinbit-prod-allow-http-https | sg-07c33855522b17437 |
vpc-09b074fdbeb9bb741 | APPLICATION(2), EC2(1) | tcp:443, tcp:80 | All | Yes | map-migrated=migS0EK6JMBZCCustomer=spinbitEnvironment=prod |
| spinbit-prod-allow-ssh | sg-0511ef4a06bd1c829 |
vpc-09b074fdbeb9bb741 | EC2(2) | tcp:22 | All | No | Customer=spinbitEnvironment=prodmap-migrated=migS0EK6JMBZC |
| spinbit-prod-allow-local-port-3306 | sg-0845112e9dd8414b9 |
vpc-09b074fdbeb9bb741 | RDS(2) | tcp:0-65535, tcp:3306 | All | No | Environment=prodmap-migrated=migS0EK6JMBZCCustomer=spinbit |
| spinbit-prod-allow-local | sg-020f19ed3009e9732 |
vpc-09b074fdbeb9bb741 | APPLICATION(1), EC2(14), ECS(3), Lambda(1) | All, tcp:0-65535, tcp:5439 | All | No | Customer=spinbitmap-migrated=migS0EK6JMBZCEnvironment=prod |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
spinbit-prod-allow-http-https sg-07c33855522b17437 |
Inbound | tcp | 80 | 0.0.0.0/0 |
spinbit-prod-allow-http-https sg-07c33855522b17437 |
Inbound | tcp | 443 | 0.0.0.0/0 |
spinbit-prod-allow-ssh sg-0511ef4a06bd1c829 |
Inbound | tcp | 22 | 14.161.16.211/32, 115.78.100.17/32, 119.93.179.143/32, 18.185.233.97/32, 118.69.133.85/32 |
spinbit-prod-allow-local-port-3306 sg-0845112e9dd8414b9 |
Inbound | tcp | 0-65535 | sg: sg-0845112e9dd8414b9 |
spinbit-prod-allow-local-port-3306 sg-0845112e9dd8414b9 |
Inbound | tcp | 3306 | 10.0.3.0/24, 10.0.1.0/24, 10.0.2.127/32 |
spinbit-prod-allow-local sg-020f19ed3009e9732 |
Inbound | tcp | 5439 | 11.0.0.0/16 |
spinbit-prod-allow-local sg-020f19ed3009e9732 |
Inbound | tcp | 0-65535 | sg: sg-020f19ed3009e9732 |
spinbit-prod-allow-local sg-020f19ed3009e9732 |
Inbound | All | All | 10.0.3.0/24, 10.0.4.0/24, 10.0.2.0/24, 10.0.1.0/24 |
spinbit-prod-allow-http-https sg-07c33855522b17437 |
Outbound | All | All | 0.0.0.0/0 |
spinbit-prod-allow-ssh sg-0511ef4a06bd1c829 |
Outbound | All | All | 0.0.0.0/0 |
spinbit-prod-allow-local-port-3306 sg-0845112e9dd8414b9 |
Outbound | All | All | 0.0.0.0/0 |
spinbit-prod-allow-local sg-020f19ed3009e9732 |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
1
Open Security Groups (0.0.0.0/0)
6
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
16
Unencrypted EBS Volumes
0
Unencrypted RDS
59
SQS Without Encryption
Logging & Monitoring (Section 5.3)
5
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
2
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
4
Lambda Without DLQ
SQS Standards (Section 7)
59
SQS Without DLQ
ECS Standards (Section 7)
27
Plaintext Env Vars
0
Privileged Containers