CIS AWS Foundations 1.4.0
Policy Pack based on the AWS Foundations 1.4.0 benchmark provided by the Center for Internet Security (CIS).
- Install the CloudGraph CLI.
- Set up the AWS Provider for CG with the `cg init aws` command.
- Add the Policy Pack for the AWS CIS 1.4.0 benchmark using the `cg policy add aws-cis-1.4.0` command.
- Execute the ruleset using the scan command `cg scan aws`.
- Query the findings using the different options:
Use the CloudGraph Policy Pack for AWS CIS 1.4 to query all of your CIS findings for all of your AWS Accounts:
If you want to query several different compliance findings for a given provider like AWS at once, you can request them like this:
For each CIS rule, get the resources that the rule is associated with. In this case, we are querying IAM user data to see which users pass and fail:
If you wanted to understand the CIS rules that apply to a particular IAM User you could use the following query:
Please see the CIS 1.4 README for a table of available rules.
Updated 03 Mar 2023