Policy Pack based on the AWS Foundations 1.4.0 benchmark provided by the Center for Internet Security (CIS).
Use the CloudGraph Policy Pack for AWS CIS 1.4 to query all of your CIS findings for all of your AWS Accounts:
If you want to query several different compliance findings for a given provider like AWS at once, you can request them like this:
For each CIS rule, get the resources that the rule is associated with, in this case we are quering IAM user's data to see which pass and fail:
If you wanted to understand the CIS rules that apply to a particular IAM User you could use the following query:
Please see the CIS 1.4 README for a table of available rules.