DashboardsAWS Audit Manager Control Tower GuardrailsAWS Foundational Security Best PracticesCIS Controls v8 IG1CIS v1.2.0CIS v1.3.0CIS v1.4.0CIS v1.5.0CISA Cyber EssentialsFedRAMP Low Revision 4FedRAMP Moderate Revision 4Federal Financial Institutions Examination Council (FFIEC)General Data Protection Regulation (GDPR)GxP 21 CFR Part 11GxP EU Annex 11HIPAA Final Omnibus Security Rule 2013HIPAA Security Rule 2003NIST 800-171 Revision 2NIST 800-53 Revision 4NIST 800-53 Revision 5NIST Cybersecurity Framework (CSF) v1.1Other Compliance ChecksPCI DSS v3.2.1RBI Cyber Security FrameworkSOC 2
Dashboard: CIS v1.3.0
To obtain the latest version of the official guide, please visit http://benchmarks.cisecurity.org.
Overview
The CIS Amazon Web Services Foundations Benchmark provides prescriptive guidance for configuring security options for a subset of Amazon Web Services with an emphasis on foundational, testable, and architecture agnostic settings. Specific Amazon Web Services in scope include:
- AWS Identity and Access Management (IAM)
- AWS Config
- AWS CloudTrail
- AWS CloudWatch
- AWS Simple Notification Service (SNS)
- AWS Simple Storage Service (S3)
- AWS VPC (Default)
Profiles
Level 1
Items in this profile intend to:
- be practical and prudent;
- provide a clear security benefit; and
- not inhibit the utility of the technology beyond acceptable means.
Level 2 (extends Level 1)
This profile extends the "Level 1" profile. Items in this profile exhibit one or more of the following characteristics:
- are intended for environments or use cases where security is paramount
- acts as defense in depth measure
- may negatively inhibit the utility or performance of the technology.
Usage
Browse dashboards and select CIS v1.3.0:
steampipe dashboardOr snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe dashboard --share aws_compliance.benchmark.cis_v130Benchmark
This dashboard is automatically generated from the following benchmark:
benchmark.cis_v130