action SECOPS

• Apply AWS Default Encryption for S3 Bucket: Apply AWS Default Encryption for S3 Bucket

• AWS Attach New Policy to User: AWS Attach New Policy to User

• AWS Change ACL Permission of public S3 Bucket: AWS Change ACL Permission public S3 Bucket

• AWS Check if RDS instances are not M5 or T3: AWS Check if RDS instances are not M5 or T3

• Check SSL Certificate Expiry: Check ACM SSL Certificate expiry date

• AWS Create IAM Policy: Given an AWS policy (as a string), and the name for the policy, this will create an IAM policy.

• AWS Create Access Key: Create a new Access Key for the User

• Create New IAM User: Create New IAM User

• AWS Redshift Query: Make a SQL Query to the given AWS Redshift database

• Create Login profile for IAM User: Create Login profile for IAM User

• AWS Delete Access Key: Delete an Access Key for a User

• Delete AWS Default Encryption for S3 Bucket: Delete AWS Default Encryption for S3 Bucket

• Filter AWS EBS Volume with Low IOPS: IOPS (Input/Output Operations Per Second) is a metric used to measure the amount of input/output operations that an EBS volume can perform per second.

• Get AWS public S3 Buckets using ACL: Get AWS public S3 Buckets using ACL

• Filter AWS Target groups by tag name: Filter AWS Target groups which have the provided tag attached to it. It also returns the value of that tag for each target group

• Filter AWS Unencrypted S3 Buckets: Filter AWS Unencrypted S3 Buckets

• AWS Filter Unused Log Stream: This action lists all log streams that are unused for all the log groups by the given threshold.

• AWS Find Unused NAT Gateways: This action to get all of the Nat gateways that have zero traffic over those

• AWS Find Low Connections RDS instances Per Day: This action will find RDS DB instances with a number of connections below the specified minimum in the specified region.

• AWS Find EMR Clusters of Old Generation Instances: This action list of EMR clusters of old generation instances.

• Get AWS CloudWatch Alarms List: Get AWS CloudWatch Alarms List

• Get AWS ALB Listeners Without HTTP Redirection: Get AWS ALB Listeners Without HTTP Redirection

• Get AWS EC2 Instances All : Use This Action to Get All AWS EC2 Instances

• AWS Get All Service Names v3: Get a list of all service names in a region

• AWS Get EBS Volumes for Low Usage: This action list low use volumes from AWS which used <10% capacity from the given threshold days.

• Get AWS EBS Volume Without GP3 Type: AWS recently introduced the General Purpose SSD (gp3) volume type, which is designed to provide higher IOPS performance at a lower cost than the gp2 volume type.

• AWS ECS Instances without AutoScaling policy: AWS ECS Instances without AutoScaling policy.

• AWS ECS Services without AutoScaling policy: AWS ECS Services without AutoScaling policy.

• AWS Get Idle EMR Clusters: This action list of EMR clusters that have been idle for more than the specified time.

• Get all Targets for Network Load Balancer (NLB): Use this action to get all targets for Network Load Balancer (NLB)

• AWS Get Network Load Balancer (NLB) without Targets: Use this action to get AWS Network Load Balancer (NLB) without Targets

• AWS Get Publicly Accessible RDS Instances: AWS Get Publicly Accessible RDS Instances

• AWS Get Publicly Accessible DB Snapshots in RDS: AWS Get Publicly Accessible DB Snapshots in RDS

• Get secrets from secretsmanager: Get secrets from AWS secretsmanager

• AWS Get Secrets Manager Secret: Get string (of JSON) containing Secret details

• AWS Get Secrets Manager SecretARN: Given a Secret Name - this Action returns the Secret ARN

• Get AWS Security Group Details: Get details about a security group, given its ID.

• AWS Get IAM Users with Old Access Keys: This Lego collects the access keys that have never been used or the access keys that have been used but are older than the threshold.

• AWS List Access Key: List all Access Keys for the User

• List Expiring ACM Certificates: List All Expiring ACM Certificates

• AWS List Unused Secrets: This action lists all the unused secrets from AWS by comparing the last used date with the given threshold.

• AWS List IAM Users With Old Passwords: This Lego filter gets all the IAM users' login profiles, and if the login profile is available, checks for the last password change if the password is greater than the given threshold, and lists those users.

• GCP Add Member to IAM Role: Adding member to the IAM role which already available

• GCP Add Role to Service Account: Adding role and member to the service account

• List GCP Secrets: List of your GCP Secrets

• GCP List Service Accounts: GCP List Service Accounts

• GCP Remove Member from IAM Role: Remove member from the chosen IAM role.

• GCP Remove Role from Service Account: Remove role and member from the service account