🔐 IAM (Global)
IAM Compliance Findings
4
Total IAM Users
4
Users Without MFA
4
Access Keys >90 Days Old
0
Users with Admin Access
IAM Users
| User Name | MFA Enabled | Access Key ID | Key Status | Key Created |
|---|---|---|---|---|
| vegastars_dev_cms_nginx_s3_gateway | No | AKIAZKITO5ORSHVJ6NXV | Active | 2025-08-27 |
| vegastars_dev_ecs_deploy | No | AKIAZKITO5OR4K73YBEC | Active | 2025-08-26 |
| vegastars_dev_s3upload | No | AKIAZKITO5OR7Y64A3GE | Active | 2025-08-26 |
| vegastars_dev_sqs | No | AKIAZKITO5ORXJXZTFWM | Active | 2025-08-27 |
📍 Region: eu-west-2
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| aws-controltower-VPC | vpc-02e29d27d5fc0bd7d |
172.31.0.0/16 | available | default | aws:cloudformation:logical-id=VPCaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:640527821731:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565/2ccca500-2abd-11f0-9885-06751f76d455aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565 |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| aws-controltower-PrivateSubnet2A | subnet-0e8391555924c9cab |
vpc-02e29d27d5fc0bd7d | 172.31.32.0/20 | eu-west-2b | 4091 | No | aws:cloudformation:logical-id=PrivateSubnet2Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:640527821731:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565/2ccca500-2abd-11f0-9885-06751f76d455aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565Network=Private |
| aws-controltower-PrivateSubnet1A | subnet-0eb1a02003aab44a6 |
vpc-02e29d27d5fc0bd7d | 172.31.64.0/20 | eu-west-2a | 4091 | No | aws:cloudformation:logical-id=PrivateSubnet1Aaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:640527821731:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565/2ccca500-2abd-11f0-9885-06751f76d455Network=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565 |
| aws-controltower-PrivateSubnet3A | subnet-04b6ba266933b0658 |
vpc-02e29d27d5fc0bd7d | 172.31.80.0/20 | eu-west-2c | 4091 | No | aws:cloudformation:logical-id=PrivateSubnet3ANetwork=Privateaws:cloudformation:stack-name=StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565aws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:640527821731:stack/StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565/2ccca500-2abd-11f0-9885-06751f76d455 |
Lambda Functions
| Function Name | Runtime | Memory | Timeout | VPC | Last Modified | Tags |
|---|---|---|---|---|---|---|
| aws-controltower-NotificationForwarder | python3.13 | 128 MB | 60s | No VPC | 2025-08-21 | aws:cloudformation:logical-id=ForwardSnsNotificationaws:cloudformation:stack-id=arn:aws:cloudformation:eu-west-2:640527821731:stack/StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-345c836d-791e-403c-adf2-debcc98de60c/9aa0c0d0-2abc-11f0-80c5-0af3b2213075aws:cloudformation:stack-name=StackSet-AWSControlTowerBP-BASELINE-CLOUDWATCH-345c836d-791e-403c-adf2-debcc98de60c |
CloudWatch Log Groups
Total Log Groups: 2
Without Retention Policy: 0
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/lambda/aws-controltower-NotificationForwarder |
14 | 0 B |
StackSet-AWSControlTowerBP-VPC-ACCOUNT-FACTORY-V1-f4fa823c-2a69-4604-aa79-6eb962e46565-VPCFlowLogsLogGroup-5kUs89FvDkI7 |
90 | 0 B |
Compliance Findings
Network & Security (Section 5.2)
0
Open Security Groups (0.0.0.0/0)
0
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
0
Unencrypted EBS Volumes
0
Unencrypted RDS
0
SQS Without Encryption
Logging & Monitoring (Section 5.3)
0
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
0
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
1
Lambda Without DLQ
SQS Standards (Section 7)
0
SQS Without DLQ
ECS Standards (Section 7)
0
Plaintext Env Vars
0
Privileged Containers
📍 Region: ap-east-1
VPCs & Subnets
| Name | VPC ID | CIDR Block | State | Tenancy | Tags |
|---|---|---|---|---|---|
| vegastars-dev-vpc | vpc-0e0b00e28a6c09900 |
10.20.0.0/16 | available | default | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
Subnets
| Name | Subnet ID | VPC ID | CIDR Block | AZ | Available IPs | Public IP on Launch | Tags |
|---|---|---|---|---|---|---|---|
| vegastars-dev-private-subnet-1 | subnet-0149f46e6c2635332 |
vpc-0e0b00e28a6c09900 | 10.20.1.0/24 | ap-east-1a | 241 | No | Customer=vegastarsmap-migrated=migS0EK6JMBZCEnvironment=dev |
| vegastars-dev-public-subnet-1 | subnet-025839bf85ced4c01 |
vpc-0e0b00e28a6c09900 | 10.20.2.0/24 | ap-east-1a | 246 | No | Customer=vegastarsEnvironment=devmap-migrated=migS0EK6JMBZC |
| vegastars-dev-private-subnet-2 | subnet-0305936d9c9f4a6f8 |
vpc-0e0b00e28a6c09900 | 10.20.3.0/24 | ap-east-1b | 246 | No | Customer=vegastarsEnvironment=devmap-migrated=migS0EK6JMBZC |
| vegastars-dev-public-subnet-2 | subnet-0381fbff49188580d |
vpc-0e0b00e28a6c09900 | 10.20.4.0/24 | ap-east-1b | 250 | No | Environment=devCustomer=vegastarsmap-migrated=migS0EK6JMBZC |
EC2 Instances
| Name | Instance ID | Type | State | Public IP | Private IP | VPC | Security Groups | AMI | Key Pair | IAM Profile | EBS Volumes | IMDSv2 | Tags |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| vegastars_dev_integration_graylog | i-07ba18aa086798fbe |
t3.large | running | - | 10.20.3.109 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-083fd886776f49884 | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | optional | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| vegastars_dev_bastion_host | i-0e062245df8cffe45 |
t3.micro | running | 54.46.73.196 | 10.20.2.137 | vpc-0e0b00e28a6c09900 | sg-0b46e3b913df61112 | ami-0c815d298114f624e | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | required | Customer=vegastarsmap-migrated=migS0EK6JMBZCEnvironment=dev |
| vegastars_dev_sharky | i-09d214b3defb25fce |
t3.small | running | - | 10.20.1.254 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-0c815d298114f624e | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | required | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| vegastars_dev_graylog | i-0bfb0cc0a5cd856cb |
t3.xlarge | running | - | 10.20.1.14 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-01abbc7b2b45338f4 | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | optional | Customer=vegastarsmap-migrated=migS0EK6JMBZCEnvironment=dev |
| vegastars_dev_metabase | i-057a1b562230dba9a |
t3.medium | running | - | 10.20.1.25 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-0b72c091429455bb2 | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | optional | Customer=vegastarsEnvironment=devmap-migrated=migS0EK6JMBZC |
| vegastars_dev_elk | i-085dae575d40669d0 |
t3.medium | running | - | 10.20.1.101 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-0a112f1357a3cd19f | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | optional | Environment=devmap-migrated=migS0EK6JMBZCCustomer=vegastars |
| vegastars-dev-bitbucket-runner-0-spot-instance | i-0c2ee249bd0c843ef |
t3.large | running | - | 10.20.1.140 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-01a291765bedcfbd4 | vegastars_dev_Aug2025 | vegastars_dev_SSMInstanceProfile | 1 | optional | Environment=devCustomer=vegastarsaws:ec2spot:fleet-request-id=sfr-e411b15e-eb92-4068-9e77-e9ee430d9234 |
| ECS Instance - EC2ContainerService-vegastars-dev-ecs-cluster | i-0336da4016ea5984e |
c5a.4xlarge | running | - | 10.20.1.81 | vpc-0e0b00e28a6c09900 | sg-0b31cc53d69762373 | ami-00c3ad5fa9fbf528a | vegastars_dev_Aug2025 | vegastars_dev_SSM_EcsInstanceProfile | 1 | required | AmazonECSManaged=ECS Cluster managed by Amazonaws:ec2launchtemplate:id=lt-00a506b8b1dab0b26Environment=devCustomer=vegastarsaws:ec2launchtemplate:version=3aws:autoscaling:groupName=vegastars-dev-Asg-ecs-cluster |
EBS Volumes
| Name | Volume ID | Size (GiB) | Type | State | Encrypted | IOPS | Attached Instance | Device | AZ | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| vegastars_dev_integration_graylog_volume | vol-06d52a083c13a0bcc |
60 | gp3 | in-use | No | 3000 | i-07ba18aa086798fbe | /dev/sda1 | ap-east-1b | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| vegastars_dev_graylog_volume | vol-0542345d495d4d25b |
70 | gp3 | in-use | No | 3000 | i-0bfb0cc0a5cd856cb | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| vegastars_dev_elk_volume | vol-0681b48225ed5c6c9 |
30 | gp3 | in-use | No | 3000 | i-085dae575d40669d0 | /dev/sda1 | ap-east-1a | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| vegastars_dev_sharky_volume | vol-00132f77c003036e5 |
15 | gp3 | in-use | No | 3000 | i-09d214b3defb25fce | /dev/sda1 | ap-east-1a | Customer=vegastarsEnvironment=devmap-migrated=migS0EK6JMBZC |
| - | vol-0654903b5baec7fc4 |
100 | gp3 | in-use | No | 5000 | i-0336da4016ea5984e | /dev/xvda | ap-east-1a | - |
| vegastars_dev_bastion_host_volume | vol-06f90ed9773ec1adf |
50 | gp3 | in-use | No | 3000 | i-0e062245df8cffe45 | /dev/sda1 | ap-east-1a | Environment=devCustomer=vegastarsmap-migrated=migS0EK6JMBZC |
| vegastars_dev_metabase_volume | vol-019787211a30c2309 |
50 | gp3 | in-use | No | 3000 | i-057a1b562230dba9a | /dev/sda1 | ap-east-1a | Environment=devmap-migrated=migS0EK6JMBZCCustomer=vegastars |
| - | vol-0684f2910c3d3c37c |
30 | gp3 | in-use | No | 3000 | i-0c2ee249bd0c843ef | /dev/sda1 | ap-east-1a | - |
ECS Clusters
| Cluster Name | Status | Running Tasks | Pending Tasks | Active Services | Container Instances |
|---|---|---|---|---|---|
| vegastars-dev-ecs-cluster | ACTIVE | 9 | 0 | 9 | 1 |
ECS Services
| Service Name | Status | Desired | Running | Launch Type | Task Definition | Load Balancers | Security Groups |
|---|---|---|---|---|---|---|---|
| vegastars-dev-callback-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-callback-task-definitions:198 | 1 target groups | |
| vegastars-dev-websocket-services | ACTIVE | 1 | 1 | EC2 | vegastars-dev-websocket-task-definitions:2 | 2 target groups | |
| vegastars-dev-fe-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-fe-task-definitions:150 | 1 target groups | |
| vegastars-dev-api-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-api-task-definitions:195 | 1 target groups | |
| vegastars-dev-cms-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-cms-task-definitions:5 | 2 target groups | |
| vegastars-dev-bo-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-bo-task-definitions:196 | 1 target groups | |
| vegastars-dev-cdn-cms-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-cdn-cms-task-definitions:2 | 1 target groups | |
| vegastars-dev-queue-worker-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-queue-worker-task-definitions:195 | 0 target groups | |
| vegastars-dev-cronjob-service | ACTIVE | 1 | 1 | EC2 | vegastars-dev-cronjob-task-definitions:194 | 0 target groups |
ECS Task Definitions (Active)
| Family | Rev | CPU | Memory | Containers | Task Role | Privileged | Env Vars | Secrets | Log Config |
|---|---|---|---|---|---|---|---|---|---|
| vegastars-dev-api-task-definitions | 195 | - | - | 3 | No | No | 9 | 0 | No logs |
| vegastars-dev-bo-task-definitions | 196 | - | - | 3 | No | No | 9 | 0 | No logs |
| vegastars-dev-callback-task-definitions | 198 | - | - | 3 | No | No | 9 | 0 | No logs |
| vegastars-dev-cdn-cms-task-definitions | 2 | - | - | 1 | No | No | 0 | 0 | No logs |
| vegastars-dev-cms-task-definitions | 5 | - | - | 2 | No | No | 1 | 0 | No logs |
| vegastars-dev-cronjob-task-definitions | 194 | - | - | 3 | No | No | 4 | 0 | No logs |
| vegastars-dev-fe-task-definitions | 150 | - | - | 2 | No | No | 1 | 0 | No logs |
| vegastars-dev-queue-worker-task-definitions | 195 | - | - | 3 | No | No | 4 | 0 | No logs |
| vegastars-dev-websocket-task-definitions | 2 | - | - | 3 | No | No | 0 | 0 | No logs, json-file |
Container Configuration Detail
⚠️ Plaintext environment variables should be avoided for sensitive data. Use Secrets Manager or SSM Parameter Store. log_router containers are excluded.
| Task Definition | Container | Image | Log Config | Plaintext Env Vars | Secrets (SSM/SM) |
|---|---|---|---|---|---|
| vegastars-dev-api-task-definitions:195 | terragon-api | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-api:00e6db5-3787-develop | No logs | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| vegastars-dev-api-task-definitions:195 | filebeat | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-filebeat:4.1 | No logs | GRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| vegastars-dev-api-task-definitions:195 | redis | redis:alpine | No logs | None | - |
| vegastars-dev-bo-task-definitions:196 | terragon-bo | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-bo:00e6db5-3787-develop | No logs | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| vegastars-dev-bo-task-definitions:196 | filebeat | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-filebeat:4.1 | No logs | GRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| vegastars-dev-bo-task-definitions:196 | redis | redis:alpine | No logs | None | - |
| vegastars-dev-callback-task-definitions:198 | terragon-callback | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-callback:00e6db5-3787-develop | No logs | SERVER_PORTSERVICE_NAMESERVER_NAMECADDY_SERVER_WORKER_COUNTFRANKENPHP_WORKER_PATH | - |
| vegastars-dev-callback-task-definitions:198 | filebeat | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-filebeat:4.1 | No logs | GRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| vegastars-dev-callback-task-definitions:198 | redis | redis:alpine | No logs | None | - |
| vegastars-dev-cdn-cms-task-definitions:2 | nginx-s3-gateway | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-nginx-base:s3-gateway-1.0 | No logs | None | - |
| vegastars-dev-cms-task-definitions:5 | nginx-cms | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-nginx-base:3.0 | No logs | NGINX_DEFAULT_CONF_FILE | - |
| vegastars-dev-cms-task-definitions:5 | terragon-cms | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-cms:ac0e6c6-8-develop-new | No logs | None | - |
| vegastars-dev-cronjob-task-definitions:194 | cronjob | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-cronjob:00e6db5-3787-develop | No logs | None | - |
| vegastars-dev-cronjob-task-definitions:194 | filebeat | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-filebeat:4.1 | No logs | GRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| vegastars-dev-cronjob-task-definitions:194 | redis | redis:alpine | No logs | None | - |
| vegastars-dev-fe-task-definitions:150 | nginx-fe | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-nginx-base:3.0 | No logs | NGINX_DEFAULT_CONF_FILE | - |
| vegastars-dev-fe-task-definitions:150 | app | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-fe:ae214f5-21054807639-develop | No logs | None | - |
| vegastars-dev-queue-worker-task-definitions:195 | queue-worker | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-queue-worker:00e6db5-3787-develop | No logs | None | - |
| vegastars-dev-queue-worker-task-definitions:195 | filebeat | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-filebeat:4.1 | No logs | GRAYLOG_INTEGRATION_HOSTGRAYLOG_HOSTGRAYLOG_INTEGRATION_LISTEN_PORTGRAYLOG_LISTEN_PORT | - |
| vegastars-dev-queue-worker-task-definitions:195 | redis | redis:alpine | No logs | None | - |
| vegastars-dev-websocket-task-definitions:2 | nginx-websocket | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-nginx-base:3.0 | No logs | None | - |
| vegastars-dev-websocket-task-definitions:2 | app | 640527821731.dkr.ecr.ap-east-1.amazonaws.com/vegastar-dev-soketi:1.0-16-debian | json-file | None | - |
| vegastars-dev-websocket-task-definitions:2 | redis | redis:alpine | No logs | None | - |
RDS Instances
| DB Identifier | Engine | Class | Status | Storage | Encrypted | Multi-AZ | Public | Backup | Delete Prot. | Tags |
|---|---|---|---|---|---|---|---|---|---|---|
| vegastars-dev-aurora-primary-cluster-instance-0 | aurora-mysql 8.0.mysql_aurora.3.08.2 | db.t4g.medium | available | 1 GiB | Yes | No | No | 7d | No | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastarsName=vegastars-dev-database-writer |
SQS Queues
Total Queues: 55
Without Encryption: 55
Without DLQ: 55
| Queue Name | Type | Encrypted | DLQ Configured | Visibility Timeout | Messages | Tags |
|---|---|---|---|---|---|---|
| accumulate_bonus_programs_ref_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| accumulate_bonus_programs_referral_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| accumulate_bonus_programs_settle_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| accumulate_bonus_programs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| assign_new_game_to_game_segment_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| audit_logs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| automatic_withdrawal_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| betting_limit_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| bonuses_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_balance_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_game_rounds_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_recent_games_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_recent_rewards_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_recent_tournament_leaderboards_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| broadcast_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| calendar_bonus_programs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| campaign_message_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| challenges_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| compliance_actions_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| compliances_vegastars_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| crm_high_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| crm_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| default_vegastars_dev | Standard | No | No | 300s | 12 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| emails_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| export_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| game_log_locks_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| game_logs_vegastars_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| import_batches_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| loyalty_programs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_activities_vegastars_dev | Standard | No | No | 300s | 1 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_flagged_computing_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_tips_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_tracking_session_computing_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_transaction_summary_realtime_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_transactional_summary_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_vip_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| player_vips_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| post_wagered_bonus_programs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| quests_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| rebate_programs_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| recent_games_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| referral_plans_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| retry_queue_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| risk_fraud_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| segments_computing_vegastars_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| segments_vegastars_dev | Standard | No | No | 300s | 1 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| segments_vegastars_dev.fifo | FIFO | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| sms_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| sportbook_bet_detail_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| spotlight-search_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| telescope_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| tournaments_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| trigger_scheduled_programs_vegastars_dev | Standard | No | No | 300s | 7 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| wagering_requirements_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| webhook_call_vegastars_dev | Standard | No | No | 300s | 0 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
Secrets Manager
Total Secrets: 5
Without Rotation: 5
| Secret Name | Description | KMS Key | Rotation | Last Rotated | Last Accessed | Tags |
|---|---|---|---|---|---|---|
| vegastars-dev-rds-admin-password | - | secretsmanager |
Disabled | - | 2026-01-13 | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| vegastars-dev-redshift-admin-password | - | secretsmanager |
Disabled | - | 2026-01-13 | Customer=vegastarsEnvironment=dev |
| vegastars-dev-other-credentials | - | secretsmanager |
Disabled | - | 2025-12-04 | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| voltrush-dev-rds-admin-password | - | secretsmanager |
Disabled | - | 2025-12-09 | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=voltrush |
| voltrush-dev-other-credentials | - | secretsmanager |
Disabled | - | 2025-12-09 | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=voltrush |
AWS Amplify Apps
| App Name | App ID | Platform | Repository | Default Domain | Production Branch | Branches | Created | Tags |
|---|---|---|---|---|---|---|---|---|
| vegastars-frontend | dkknpyh3t46x2 |
WEB_COMPUTE | https://github.com/bwgservices/vegastars-frontend | dkknpyh3t46x2.amplifyapp.com | develop | 9 | 2026-01-12 | - |
Amplify Branches
| App Name | Branch Name | Stage | Framework | Auto Build | Basic Auth | Total Jobs |
|---|---|---|---|---|---|---|
| vegastars-frontend | develop | PRODUCTION | Next.js - SSR | Yes | No | 0 |
| vegastars-frontend | pr-2750 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2752 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2753 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2754 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2755 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2756 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2758 | PULL_REQUEST | - | Yes | No | 0 |
| vegastars-frontend | pr-2759 | PULL_REQUEST | - | Yes | No | 0 |
CloudWatch Log Groups
Total Log Groups: 7
Without Retention Policy: 6
| Log Group Name | Retention (Days) | Stored Size |
|---|---|---|
/aws/amplify/dkknpyh3t46x2 |
Never Expire | 0 B |
/aws/rds/cluster/vegastars-dev-primary-cluster/error |
Never Expire | 156.39 MB |
/aws/rds/cluster/vegastars-dev-primary-cluster/slowquery |
Never Expire | 1.26 GB |
/aws/rds/cluster/voltrush-dev-aurora-primary-cluster-instance-3-cluster/error |
Never Expire | 25.13 KB |
/aws/rds/cluster/voltrush-dev-primary-cluster/error |
Never Expire | 55.84 KB |
/aws/rds/cluster/voltrush-dev-primary-cluster/slowquery |
Never Expire | 22.75 MB |
RDSOSMetrics |
30 | 70.02 MB |
Application & Network Load Balancers
| Name | Type | Scheme | State | DNS Name | VPC | AZs | Listeners | Target Groups | Tags |
|---|---|---|---|---|---|---|---|---|---|
| vegastars-dev-ecs-alb | APPLICATION | internet-facing | active | vegastars-dev-ecs-alb-1789552424.ap-east-1.elb.amazonaws.com | vpc-0e0b00e28a6c09900 | 2 | HTTPS:443, HTTP:80 | 11 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
| vegastars-dev-ecs-intnl-alb | APPLICATION | internal | active | internal-vegastars-dev-ecs-intnl-alb-306220527.ap-east-1.elb.amazonaws.com | vpc-0e0b00e28a6c09900 | 2 | HTTP:80, HTTPS:443 | 2 | map-migrated=migS0EK6JMBZCCustomer=vegastarsEnvironment=dev |
Target Groups
| Load Balancer | Target Group Name | Protocol | Port | Target Type | Health Check |
|---|---|---|---|---|---|
| vegastars-dev-ecs-alb | vegastars-dev-api-tg-441 | HTTPS | 441 | instance | HTTPS:/robots.txt |
| vegastars-dev-ecs-alb | vegastars-dev-bo-tg-440 | HTTPS | 440 | instance | HTTPS:/robots.txt |
| vegastars-dev-ecs-alb | vegastars-dev-callbk-tg-442 | HTTPS | 442 | instance | HTTPS:/robots.txt |
| vegastars-dev-ecs-alb | vegastars-dev-cdncms-tg-449 | HTTPS | 449 | instance | HTTPS:/health |
| vegastars-dev-ecs-alb | vegastars-dev-cms-tg-444 | HTTPS | 444 | instance | HTTPS:/ |
| vegastars-dev-ecs-alb | vegastars-dev-elk-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| vegastars-dev-ecs-alb | vegastars-dev-fe-tg-443 | HTTPS | 443 | instance | HTTPS:/robots.txt |
| vegastars-dev-ecs-alb | vegastars-dev-graylg-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| vegastars-dev-ecs-alb | vegastars-dev-intgrlg-tg443 | HTTPS | 443 | instance | HTTPS:/ |
| vegastars-dev-ecs-alb | vegastars-dev-metbase-tg-443 | HTTPS | 443 | instance | HTTPS:/ |
| vegastars-dev-ecs-alb | vegastars-dev-wbsket-tg6002 | HTTPS | 6002 | instance | HTTPS:/ |
| vegastars-dev-ecs-intnl-alb | vegastars-dev-cms-intnl-444 | HTTPS | 444 | instance | HTTPS:/ |
| vegastars-dev-ecs-intnl-alb | vegastars-dev-websocket-int-6002 | HTTPS | 6002 | instance | HTTPS:/ |
Security Groups (In Use)
| Name | Group ID | VPC | Used By | Inbound Ports | Outbound Ports | Open to Internet | Tags |
|---|---|---|---|---|---|---|---|
| vegastars-dev-allow-http-https | sg-01034766709b20a6a |
vpc-0e0b00e28a6c09900 | APPLICATION(1) | tcp:443, tcp:80 | All | Yes | Customer=vegastarsEnvironment=devmap-migrated=migS0EK6JMBZC |
| vegastars-dev-allow-ssh | sg-0b46e3b913df61112 |
vpc-0e0b00e28a6c09900 | EC2(1) | tcp:22 | All | No | Environment=devmap-migrated=migS0EK6JMBZCCustomer=vegastars |
| vegastars-dev-allow-local | sg-0b31cc53d69762373 |
vpc-0e0b00e28a6c09900 | APPLICATION(1), EC2(7) | All | All | No | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
| vegastars-dev-allow-local-port-3306 | sg-0c361f96e4178913c |
vpc-0e0b00e28a6c09900 | RDS(1) | tcp:3306 | All | No | map-migrated=migS0EK6JMBZCEnvironment=devCustomer=vegastars |
Security Group Rules Detail
| Security Group | Direction | Protocol | Port Range | Source/Destination |
|---|---|---|---|---|
vegastars-dev-allow-http-https sg-01034766709b20a6a |
Inbound | tcp | 80 | 0.0.0.0/0 |
vegastars-dev-allow-http-https sg-01034766709b20a6a |
Inbound | tcp | 443 | 0.0.0.0/0 |
vegastars-dev-allow-ssh sg-0b46e3b913df61112 |
Inbound | tcp | 22 | 115.78.100.17/32, 119.93.179.143/32, 14.161.16.211/32, 115.79.29.29/32, 118.69.133.85/32 |
vegastars-dev-allow-local sg-0b31cc53d69762373 |
Inbound | All | All | 10.20.4.0/24, 10.20.3.0/24, 10.20.2.0/24, 10.20.1.0/24 |
vegastars-dev-allow-local-port-3306 sg-0c361f96e4178913c |
Inbound | tcp | 3306 | 10.20.3.0/24, 10.20.1.0/24, 10.20.2.137/32 |
vegastars-dev-allow-http-https sg-01034766709b20a6a |
Outbound | All | All | 0.0.0.0/0 |
vegastars-dev-allow-ssh sg-0b46e3b913df61112 |
Outbound | All | All | 0.0.0.0/0 |
vegastars-dev-allow-local sg-0b31cc53d69762373 |
Outbound | All | All | 0.0.0.0/0 |
vegastars-dev-allow-local-port-3306 sg-0c361f96e4178913c |
Outbound | All | All | 0.0.0.0/0 |
Compliance Findings
Network & Security (Section 5.2)
1
Open Security Groups (0.0.0.0/0)
5
EC2 Without IMDSv2
Yes
CloudTrail Enabled
Data Protection (Section 5.4)
8
Unencrypted EBS Volumes
0
Unencrypted RDS
55
SQS Without Encryption
Logging & Monitoring (Section 5.3)
6
Log Groups (No Retention)
RDS Standards (Section 7)
0
Public RDS Instances
1
RDS Without Multi-AZ
0
RDS Without Backups
Lambda Standards (Section 7)
0
Lambda Default Timeout (3s)
0
Lambda Without DLQ
SQS Standards (Section 7)
55
SQS Without DLQ
ECS Standards (Section 7)
37
Plaintext Env Vars
0
Privileged Containers