ec2
Checks
-
enable-at-rest-encryption Instance with unencrypted block device.
-
enforce-http-token-imds aws_instance should activate session tokens for Instance Metadata Service.
-
no-secrets-in-user-data User data for EC2 instances must not contain sensitive AWS keys