You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
As of right now, I don't believe there's an easy way of knowing what Config rule maps to which CIS rule. This makes it a little bit difficult knowing what rules are being checked and which aren't. Furthermore, the CIS benchmark goes through versions and rules get updated. The packs also don't indicate which CIS version they met. It would also be nice if there was some indication as to which rule and benchmark version each of the Config rules are in compliance with.
For example, this rule states that the root user should have MFA enabled. That rule maps to the 1.13 rule of the v1.2.0 benchmark, but there's no easy way of knowing this just by looking at the Config rule.
As of right now, I don't believe there's an easy way of knowing what Config rule maps to which CIS rule. This makes it a little bit difficult knowing what rules are being checked and which aren't. Furthermore, the CIS benchmark goes through versions and rules get updated. The packs also don't indicate which CIS version they met. It would also be nice if there was some indication as to which rule and benchmark version each of the Config rules are in compliance with.
For example, this rule states that the root user should have MFA enabled. That rule maps to the 1.13 rule of the v1.2.0 benchmark, but there's no easy way of knowing this just by looking at the Config rule.
https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-CIS-Top20.yaml#L755-L761
The text was updated successfully, but these errors were encountered: