Checklist Summary:

This document provides prescriptive guidance for configuring security options for a subset of Amazon Web Services with an emphasis on foundational, testable, and architecture agnostic settings. Specific Amazon Web Services in scope for this document include: ? AWS Identity and Access Management (IAM) ? AWS Config ? AWS CloudTrail ? AWS CloudWatch ? AWS Simple Notification Service (SNS) ? AWS Simple Storage Service (S3) ? AWS VPC (Default)

Checklist Role:

• Virtualization Server
• Business Productivity Application

Known Issues:

Not provided.

Target Audience:

This document is intended for system and application administrators, security specialists, auditors, help desk, platform deployment, and/or DevOps personnel who plan to develop, deploy, assess, or secure solutions in Amazon Web Services.

Target Operational Environment:

• Managed

Testing Information:

Not provided.

Regulatory Compliance:

Not provided.

Comments/Warnings/Miscellaneous:

Not provided.

Disclaimer:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Product Support:

feedback@cisecurity.org

Point of Contact:

feedback@cisecurity.org

Sponsor:

Not provided.

Licensing:

https://www.cisecurity.org/cis-securesuite/cis-securesuite-membership-terms-of-use/

Change History:

updated to FINAL - 7/3/2018

Dependency/Requirements:

URL	Description

References:

Reference URL	Description

NIST checklist record last modified on 07/03/2018