CIS AWS Foundations 1.2.0
Policy Pack based on the AWS Foundations 1.2.0 benchmark provided by the Center for Internet Security (CIS).
First Steps
- Add the Policy Pack for the AWS CIS 1.2.0 benchmark using the `cg policy add aws-cis-1.2.0` command.
- Execute the ruleset using the scan command `cg scan aws`.
- Query the findings using the different options:
Use the CloudGraph Policy Pack for AWS CIS 1.2 to query all of your CIS findings for all of your AWS Accounts:
GraphQL
|
If you want to query several different compliance findings for a given provider like AWS at once, you can request them like this:
GraphQL
|
For each CIS rule, get the resources that the rule is associated with. In this case we are querying IAM user data to see which users pass and which fail:
GraphQL
|
If you wanted to understand the CIS rules that apply to a particular IAM User you could use the following query:
GraphQL
|
Available Ruleset
Please see the CIS 1.2 README for a table of available rules.



Updated 03 Mar 2023