CIS AWS Foundations Benchmark
Achieve and maintain compliance with the CIS AWS Foundations Benchmark recommendations.
Compliance in Days, Not Months
The CIS AWS Foundations Benchmark is an objective, consensus-driven guideline for establishing secure infrastructure on AWS. Gruntwork's production-grade, battle-tested infrastructure as code modules are built for compliance. Leverage them to achieve compliance with the Benchmark quickly and repeatably, avoiding the burden of a complex, drawn-out compliance project.
Get a Detailed Walkthrough for compliance with the AWS Foundations Benchmark
See our guide: How to achieve compliance with the CIS AWS Foundations Benchmark Benchmark
How It Works
Review the guideRead the How to achieve compliance with the CIS AWS Foundations Benchmark guide to get a handle on the concepts and process.
Use the compliance modulesUse the compliance modules to configure your account according to the recommendations in the Benchmark:
- Create compliant IAM users, groups, roles, and policies
- Require multi-factor authentication for accessing AWS
- Enable AWS Config across all regions
- Remove default VPCs and unnecessary default security groups
- Configure CloudTrail integration with S3, KMS, and CloudWatch Logs
- Establish metrics and alarms for compliance violations
- Configure VPCs with flow logs and a minimal set of peering connections
- Avoid overly permissive inbound security group rules
Request a Gruntwork Reference Architecture to get an end to end production-grade environment, certified by CIS for the AWS Foundations Benchmark, deployed into your AWS accounts, and fully managed as code—all in about 1 day!
Pass an auditAfter using the modules to configure your AWS accounts, your infrastructure will pass muster with the CIS audit steps. Take a bow after your security team inspects your account for compliance.
Stay currentOur tests ensure that the modules remain compliant over time. We'll update the modules when new versions of the Benchmark are released, and the updates are included with the subscription.
Have another compliance objective?Are you looking to achieve compliance with PCI DSS, HIPAA, NIST, or another standard? Contact us to discuss your project!
CIS AWS Foundations Benchmark Compliance Features
Contact sales for pricing. Please note that to use the compliance modules, you must be a Gruntwork Subscriber.