| ebs_volume_avg_read_write_ops_high | 500
| The number of average read/write ops required for volumes to be considered frequently used. This value should be higher than ebs_volume_avg_read_write_ops_low. |
| ecs_cluster_avg_cpu_utilization_low | 20
| The average CPU utilization required for clusters to be considered infrequently used. This value should be lower than ecs_cluster_avg_cpu_utilization_high. |
| ec2_instance_avg_cpu_utilization_low | 20
| The average CPU utilization required for instances to be considered infrequently used. This value should be lower than ec2_instance_avg_cpu_utilization_high. |
| secretsmanager_secret_last_used | 90
| The default number of days secrets manager secrets to be considered in-use. |
| cost_explorer_service_cost_max_cost_units | 10
| The maximum difference in cost units allowed for service costs between the current and previous month. |
| ec2_reserved_instance_expiration_warning_days | 30
| The number of days reserved instances can be running before sending a warning. |
| rds_db_instance_avg_cpu_utilization_low | 25
| The average CPU utilization required for DB instances to be considered infrequently used. This value should be lower than rds_db_instance_avg_cpu_utilization_high. |
| rds_running_db_instance_age_warning_days | 30
| The number of days DB instances can be running before sending a warning. |
| redshift_cluster_avg_cpu_utilization_low | 20
| The average CPU utilization required for clusters to be considered infrequently used. This value should be lower than redshift_cluster_avg_cpu_utilization_high. |
| redshift_running_cluster_age_warning_days | 30
| The number of days clusters can be running before sending a warning. |
| elasticache_running_cluster_age_max_days | 90
| The maximum number of days clusters are allowed to run. |
| rds_running_db_instance_age_max_days | 90
| The maximum number of days DB instances are allowed to run. |
| redshift_running_cluster_age_max_days | 90
| The maximum number of days clusters are allowed to run. |
| rds_db_instance_avg_connections | 2
| The minimum number of average connections per day required for DB instances to be considered in-use. |
| elasticache_running_cluster_age_warning_days | 30
| The number of days clusters can be running before sending a warning. |
| tag_dimensions | []
| A list of tags to add as dimensions to each control. |
| ebs_volume_avg_read_write_ops_low | 100
| The number of average read/write ops required for volumes to be considered infrequently used. This value should be lower than ebs_volume_avg_read_write_ops_high. |
| ebs_volume_max_size_gb | 100
| The maximum size (GB) allowed for volumes. |
| redshift_cluster_avg_cpu_utilization_high | 35
| The average CPU utilization required for clusters to be considered frequently used. This value should be higher than redshift_cluster_avg_cpu_utilization_low. |
| ec2_instance_allowed_types | ["%.nano","%.micro","%.small","%.medium","%.large","%.xlarge","%._xlarge"]
| A list of allowed instance types. PostgreSQL wildcards are supported. |
| ebs_snapshot_age_max_days | 90
| The maximum number of days snapshots can be retained. |
| ec2_running_instance_age_max_days | 90
| The maximum number of days instances are allowed to run. |
| ecs_cluster_avg_cpu_utilization_high | 35
| The average CPU utilization required for clusters to be considered frequently used. This value should be higher than ecs_cluster_avg_cpu_utilization_low. |
| rds_db_instance_avg_cpu_utilization_high | 50
| The average CPU utilization required for DB instances to be considered frequently used. This value should be higher than rds_db_instance_avg_cpu_utilization_low. |
| common_dimensions | ["account_id","region"]
| A list of common dimensions to add to each control. |
| dynamodb_table_stale_data_max_days | 90
| The maximum number of days table data can be unchanged before it is considered stale. |
| ec2_instance_avg_cpu_utilization_high | 35
| The average CPU utilization required for instances to be considered frequently used. This value should be higher than ec2_instance_avg_cpu_utilization_low. |
| cloudwatch_log_stream_age_max_days | 90
| The maximum number of days log streams are allowed without any log event written to them. |
| ebs_volume_max_iops | 32000
| The maximum IOPS allowed for volumes. |
