The CIS Benchmark page provides guidelines on how to configure security options for a range of AWS services.
By leveraging the standards articulated within the CIS Benchmark for AWS, security professionals can more easily and consistently ensure that their deployments are following established best practices for compliance.
Each control and its state of compliance is listed clearly. CloudCheckr uses its Best Practice Checks as a source of data for each of the controls.
Each control is categorized under one of the following areas of compliance: Identity and Access Management, Logging, Monitoring, or Networking.
This example shows the controls under Identity and Access Management.
Click (green plus sign) to see details on the Best Practice checks associated with that control, whether it is scored or not, its status (Correctly or Not Correctly Set), and any remediation comments.
The table describes each of the features on the CIS Benchmark page.
Level 1 and Level 2 tabs
Level 1 and Level 2 are security configuration profiles.
Each control is grouped under one of the following categories:
Name and description of a control in the AWS CIS Foundation report.
Click to show the details about the selected control.
Click to hide the details about the selected control.
Best Practice Check
The name of the Best Practice Check associated with the selected control.
The color and icon of the check indicates if it is passing or failing for your deployment.
Clicking the name of the check takes you to the location and details in the Best Practice report.
Allows you to insert a message about remediation.
Click Submit to add the remediation comment.
Indicates if the the control is configured correctly for the selected deployment.
Indicates if the control is scored.
Allows you to toggle Yes or No to indicate if the condition is met (manual attestation).