ec2,eks,iam,lambda,s3

id links

docs/guardrails/billing/guardrails.md

@@ -6,6 +6,6 @@ layout: default
 
 ## AWS Billing
 
-| Identifier    | Guardrail                                                                                                   | Rationale                                                                                                                                                                                                                                                                                | Remediation                                                           | References                                                                                                                                             | IAM Actions                                                                                 |
-|:--------------|:------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------|
-| IAM-BILLING-1 | Check that the ability to modify or update AWS Billing options are only assumable to authorized principals. | In all AWS environments, ensure that only billing and account administrators are able to update or modify AWS billing and account options. Unauthorized modifications could affect your billing payments, budgets, or account information such as email addresses and security contacts. | For unauthorized principals, either remove the associated IAM Actions | [https://docs.aws.amazon.com/IAM/latest/UserGuide/list_awsbilling.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_awsbilling.html)<br><br> | aws-portal:ModifyBilling<br>aws-portal:ModifyAccount<br>aws-portal:ModifyPaymentMethods<br> |
+| Identifier                                                     | Guardrail                                                                                                   | Rationale                                                                                                                                                                                                                                                                                | Remediation                                                           | References                                                                                                                                             | IAM Actions                                                                                 |
+|:---------------------------------------------------------------|:------------------------------------------------------------------------------------------------------------|:-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------|:-------------------------------------------------------------------------------------------------------------------------------------------------------|:--------------------------------------------------------------------------------------------|
+| <a id="IAM-BILLING-1" href="#IAM-BILLING-1" >IAM-BILLING-1</a> | Check that the ability to modify or update AWS Billing options are only assumable to authorized principals. | In all AWS environments, ensure that only billing and account administrators are able to update or modify AWS billing and account options. Unauthorized modifications could affect your billing payments, budgets, or account information such as email addresses and security contacts. | For unauthorized principals, either remove the associated IAM Actions | [https://docs.aws.amazon.com/IAM/latest/UserGuide/list_awsbilling.html](https://docs.aws.amazon.com/IAM/latest/UserGuide/list_awsbilling.html)<br><br> | aws-portal:ModifyBilling<br>aws-portal:ModifyAccount<br>aws-portal:ModifyPaymentMethods<br> |

docs/guardrails/budgets/guardrails.md

@@ -6,6 +6,6 @@ layout: default
 
 ## AWS Budgets
 
-| Identifier    | Guardrail                                                                                                   | Rationale                                                                                                                                                                                                             | Remediation                                                           | References                                                                                                                                                                                   | IAM Actions              |
-|:--------------|:------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------|
-| IAM-BUDGETS-1 | Check that the ability to modify or update AWS Budgets options are only assumable to authorized principals. | In all AWS environments, ensure that only Budget administrators and authorized principals should be able to update or modify AWS Budgets options. Unauthorized modifications could affect your cost and usage budgets | For unauthorized principals, either remove the associated IAM Actions | [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html)<br><br> | budgets:ModifyBudget<br> |
+| Identifier                                                     | Guardrail                                                                                                   | Rationale                                                                                                                                                                                                             | Remediation                                                           | References                                                                                                                                                                                   | IAM Actions              |
+|:---------------------------------------------------------------|:------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:----------------------------------------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|:-------------------------|
+| <a id="IAM-BUDGETS-1" href="#IAM-BUDGETS-1" >IAM-BUDGETS-1</a> | Check that the ability to modify or update AWS Budgets options are only assumable to authorized principals. | In all AWS environments, ensure that only Budget administrators and authorized principals should be able to update or modify AWS Budgets options. Unauthorized modifications could affect your cost and usage budgets | For unauthorized principals, either remove the associated IAM Actions | [https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html](https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/budgets-managing-costs.html)<br><br> | budgets:ModifyBudget<br> |