AWS Report Types

Understand what information is available in each of the AWS predefined reports.

You can run the predefined AWS reports from the Reports page.

You can also create a report from scratch. See Creating a Custom New Report and Running an Ad Hoc Report: Report Builder.

The following table shows what information is available in each of the AWS predefined reports.

Report Name Description

AWS: CIS benchmark for IAM and logging

This report monitors requirements for section 1, Identity and Access Management, and section 2, Logging, from the AWS and Center for Internet Security (CIS) Amazon Web Services Foundations document.

For each item that fails the checks or requires your review, the report recommends actions to take.

AWS: IAM users who performed a Switch Role

This report lists all user Switch Role actions with details about the session in which they used the roles.

You may want to investigate the activity of users who request an unusual number of cross-account roles, or users who perform a Switch Role action and assume highly privileged roles.

AWS: User actions performed after a Switch Role

This report shows the actions performed after a user assumed the new role.

AWS: EC2 key pair rotation

This report lists each key name, its status, its fingerprint, creation region, the instance in which it was generated, and its creation date.

Both unused and nonrotated keys offer opportunities for the system to be compromised.

AWS: Failed change password attempts

An unusual number of failed change password attempts can indicate an attempt to hijack a user's credentials.

AWS: IAM access key rotation

This report lists each key name, its status, its owner, creation date, and the instance in which it was generated.

Both unused and nonrotated keys offer opportunities for the system to be compromised.

AWS: IAM user roles that Oracle CASB Cloud Service reset

After you define a policy that allows Oracle CASB Cloud Service to revert changes to role definitions in AWS, this report shows the occasions when Oracle CASB Cloud Service performed a reset action.

AWS: S3 Buckets ACL

This report lists assigned permissions on S3 bucket access control lists (ACLs) and access control policies (ACPs).
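
The review suggested for the "AWS: IAM users who performed a Switch Role" report can also be run directly over exported CloudTrail records. The following is an added example, not Oracle CASB Cloud Service code. It assumes CloudTrail logs a console Switch Role as a `signin.amazonaws.com` `SwitchRole` event, with the originating user in `additionalEventData.SwitchFrom` and the assumed role in `userIdentity.arn`. The threshold, the privileged role names, and the sample records are constructed for illustration.

```python
from collections import defaultdict

# Assumed tuning values for this example; they are not Oracle CASB settings.
PRIVILEGED_ROLES = {"Admin", "OrganizationAccountAccessRole"}
MAX_CROSS_ACCOUNT_ROLES = 2

def make_event(user_arn, role_arn, name="SwitchRole"):
    """Constructed CloudTrail-style record holding only the fields read below."""
    return {
        "eventSource": "signin.amazonaws.com",
        "eventName": name,
        "userIdentity": {"type": "AssumedRole", "arn": role_arn},
        "additionalEventData": {"SwitchFrom": user_arn},
    }

# Constructed sample data: account IDs, users and roles are made up.
ALICE = "arn:aws:iam::111111111111:user/alice"
BOB = "arn:aws:iam::111111111111:user/bob"
CAROL = "arn:aws:iam::111111111111:user/carol"
SAMPLE_EVENTS = [
    make_event(ALICE, "arn:aws:sts::222222222222:assumed-role/ReadOnly/alice"),
    make_event(ALICE, "arn:aws:sts::333333333333:assumed-role/Auditor/alice"),
    make_event(ALICE, "arn:aws:sts::444444444444:assumed-role/Deploy/alice"),
    make_event(BOB, "arn:aws:sts::111111111111:assumed-role/Admin/bob"),
    make_event(CAROL, "arn:aws:sts::222222222222:assumed-role/ReadOnly/carol"),
    # Not a SwitchRole event, so the review must ignore it.
    make_event(CAROL, "arn:aws:sts::222222222222:assumed-role/Admin/carol", "ConsoleLogin"),
]

def review_switch_roles(events):
    """Return {user ARN: [reasons]} for users whose Switch Role activity merits review."""
    cross_account, privileged = defaultdict(set), defaultdict(set)
    for ev in events:
        if (ev.get("eventSource"), ev.get("eventName")) != ("signin.amazonaws.com", "SwitchRole"):
            continue
        user_arn = ev["additionalEventData"]["SwitchFrom"]
        role_arn = ev["userIdentity"]["arn"]
        role_account, role_name = role_arn.split(":")[4], role_arn.split("/")[1]
        if role_account != user_arn.split(":")[4]:  # role lives in another account
            cross_account[user_arn].add((role_account, role_name))
        if role_name in PRIVILEGED_ROLES:
            privileged[user_arn].add(role_name)
    findings = defaultdict(list)
    for user, roles in cross_account.items():
        if len(roles) > MAX_CROSS_ACCOUNT_ROLES:
            findings[user].append(f"{len(roles)} distinct cross-account roles")
    for user, roles in privileged.items():
        findings[user].append("privileged role: " + ", ".join(sorted(roles)))
    return dict(findings)
```

Users flagged here are the ones whose sessions are worth following up in the "AWS: User actions performed after a Switch Role" report.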