How to run -- #33
Comments
|
Any update on this? |
|
Regarding #4 and $5. If you implement the "aws-security-benchmark/aws_cis_foundation_framework/aws-cis-foundation-benchmark-checklist.py" as a config rule it will run on a regular schedule and send email with the findings. Meaning all resources that were not configured correctly. Assigning to Rob regarding #1-3 and the CFn template what it enables. |
|
Thanks Henrik. Looking forward to hearing from Rob! |
|
Unlike the Quick Starts that you mentioned, launching this CIS CloudFormation template won't create networking resources like VPCs or subnets. It creates the logging, monitoring, and alarming controls as identified in the CIS benchmarks; you can refer to the security control matrix for a mapping of the controls to the benchmarks. I hope this helps. |
|
Closing this issue. Please let us know if you need anything further. |
Recently, I was involved in reviewing data platform in the context of security for large enterprises. I wish I known something like this repo -- definitely would like to use it in new future.
I've got few questions and would appreciate your prompt response --
In regards to the architecture, please correct me if I am wrong. Your code will create VPC. Would it create one of those compliant vpc architecture where you will have management & prod vpc. As you must be aware, all the quick start guide (PCI DSS, NIST) aws published followed this ..
Would your code also create the subnet topology - public private etc?
Would I be able to do the below that we recommend to client, if yes, then what would be the instructions -
Finally, if what I am saying is too comprehensive and not supported at all, any chance you would support/add these features soon?
Please advise.
The text was updated successfully, but these errors were encountered: