Checklist Summary:

This document provides prescriptive guidance for configuring security options for a subset of Amazon Web Services with an emphasis on foundational, testable, and architecture agnostic settings. Some of the specific Amazon Web Services in scope for this document include: AWS Identity and Access Management (IAM) IAM Access Analyzer AWS Config AWS CloudTrail AWS CloudWatch AWS Simple Notification Service (SNS) AWS Simple Storage Service (S3) Elastic Compute Cloud (EC2) Relational Database Service (RDS) AWS VPC To obtain the latest version of this guide, please visit https://benchmarks.cisecurity.org. If you have questions, comments, or have identified ways to improve this guide, please write us at BenchmarkInfo@cisecurity.org.

Checklist Role:

• Virtualization Server
• Web Application Server

Known Issues:

Not provided.

Target Audience:

This document is intended for system and application administrators, security specialists, auditors, help desk, platform deployment, and/or DevOps personnel who plan to develop, deploy, assess, or secure solutions in Amazon Web Services.

Target Operational Environment:

• Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Product Support:

Not provided.

Point of Contact:

BenchmarkInfo@cisecurity.org

Sponsor:

Not provided.

Licensing:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Change History:

new checklist - 2/26/24
updated general information tab
Candidate to Final - 4/30/24

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 04/30/2024