Cloud-Architects / cloudiscovery

The tool to help you discover resources in the cloud environment

(AWS) Command for security and data checks

leandrodamascena opened this issue

Might be interesting to add a command to check security in AWS.
This command must analyze the following items:

- [ ] CloudFront distributions without HTTPS
- [ ] Unencrypted EBS Volumes
- [ ] DynamoDB with Point-in-Time Recovery (PITR) disabled
- [ ] Over-permissive IAM policies
- [ ] S3 bucket with public policies
- [ ] S3 bucket versioning disabled
- [ ] S3 bucket without SSE
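As an added illustration of how such a command could evaluate several of these items (example code, not cloudiscovery's own), each function below takes the dict shape returned by the corresponding boto3 call (`get_bucket_versioning`, `get_bucket_encryption`, `get_bucket_policy_status`, `describe_volumes`, `describe_continuous_backups`, `get_distribution_config`) and returns finding strings; the sample responses in `run_sample_checks` are constructed so it runs offline, and the IAM policy item is left out.

```python
from typing import Dict, List


def check_s3_bucket(name: str, versioning: Dict, encryption: Dict,
                    policy_status: Dict) -> List[str]:
    """Findings for one bucket from get_bucket_versioning,
    get_bucket_encryption and get_bucket_policy_status responses."""
    findings = []
    # get_bucket_versioning omits 'Status' when versioning was never enabled,
    # so anything other than 'Enabled' (missing or 'Suspended') is a finding.
    if versioning.get("Status") != "Enabled":
        findings.append(f"s3:{name}: versioning disabled")
    # get_bucket_encryption raises ServerSideEncryptionConfigurationNotFoundError
    # when no default SSE exists; the caller passes {} in that case.
    rules = encryption.get("ServerSideEncryptionConfiguration", {}).get("Rules", [])
    if not any("ApplyServerSideEncryptionByDefault" in r for r in rules):
        findings.append(f"s3:{name}: no default server-side encryption")
    if policy_status.get("PolicyStatus", {}).get("IsPublic"):
        findings.append(f"s3:{name}: bucket policy is public")
    return findings


def check_ebs_volumes(describe_volumes: Dict) -> List[str]:
    """Unencrypted volumes from a describe_volumes response."""
    return [f"ebs:{v['VolumeId']}: unencrypted"
            for v in describe_volumes.get("Volumes", []) if not v.get("Encrypted")]


def check_dynamodb_pitr(table: str, continuous_backups: Dict) -> List[str]:
    """PITR status from a describe_continuous_backups response."""
    status = (continuous_backups.get("ContinuousBackupsDescription", {})
              .get("PointInTimeRecoveryDescription", {})
              .get("PointInTimeRecoveryStatus"))
    return [] if status == "ENABLED" else [f"dynamodb:{table}: PITR disabled"]


def check_cloudfront(dist_id: str, config: Dict) -> List[str]:
    """Viewer protocol policy from a get_distribution_config DistributionConfig."""
    policy = config.get("DefaultCacheBehavior", {}).get("ViewerProtocolPolicy")
    ok = policy in ("https-only", "redirect-to-https")
    return [] if ok else [f"cloudfront:{dist_id}: plain HTTP allowed ({policy})"]


def run_sample_checks() -> List[str]:
    """Run every check over constructed sample responses (not real AWS data)."""
    findings = check_s3_bucket("logs", {}, {}, {"PolicyStatus": {"IsPublic": True}})
    findings += check_ebs_volumes({"Volumes": [
        {"VolumeId": "vol-0a1b", "Encrypted": True},
        {"VolumeId": "vol-0c2d", "Encrypted": False}]})
    findings += check_dynamodb_pitr("orders", {"ContinuousBackupsDescription": {
        "PointInTimeRecoveryDescription": {"PointInTimeRecoveryStatus": "DISABLED"}}})
    findings += check_cloudfront("EDIST123", {"DefaultCacheBehavior": {"ViewerProtocolPolicy": "allow-all"}})
    return findings
```

Wiring this to live accounts means replacing the constructed dicts with the boto3 calls named above and catching the encryption-not-found ClientError to pass `{}`.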

A good point of reference might be https://github.com/toniblyx/prowler, https://github.com/nccgroup/ScoutSuite (this one is multi-cloud) or AWS Config with conformance templates/managed rules.

The problem with Config is that it's overcomplicated, especially if you want to integrate it with AWS Security Hub. The configuration overhead is also problematic.

If it were possible to have a command that provided preselected rules and made use of ready rules, that would be great to have.