AWS Compliance Mod

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA, and PCI DSS across all your AWS accounts.


AWS provides on-demand cloud computing platforms and APIs to authenticated customers on a metered pay-as-you-go basis.

CIS AWS Benchmarks provide a predefined set of compliance and security best-practice checks for AWS accounts.

PCI DSS provides security standards for the payment card industry.

Steampipe is an open source CLI to instantly query cloud APIs using SQL.

Steampipe Mods are collections of named queries, and codified controls that can be used to test current configuration of your cloud resources against a desired configuration.


Get started

Install the AWS plugin with Steampipe:

steampipe plugin install aws


git clone git@github.com:turbot/steampipe-mod-aws-compliance
cd steampipe-mod-aws-compliance

Run all benchmarks:

steampipe check all

Run a single benchmark:

steampipe check benchmark.cis_v140

Run a specific control:

steampipe check control.cis_v140_2_1_1


This mod uses the credentials configured in the Steampipe AWS plugin.


No extra configuration is required.

Get involved