AWS Policies

With AWS Policies, you can use CloudQuery to automatically check the compliance and security of AWS-based cloud resources. Includes AWS CIS and PCI DSS, with more to come.

$ cloudquery policy run aws
Category: compliance
Version: v0.1.13
License: MPL-2.0

AWS Security & Compliance CloudQuery policy pack

Official AWS security & compliance policy pack for CloudQuery.

What is CloudQuery

The open-source cloud asset inventory powered by SQL.

CloudQuery extracts, transforms, and loads your cloud assets into normalized PostgreSQL tables. CloudQuery enables you to assess, audit, and evaluate the configurations of your cloud assets.

Included Policies

  • CIS v1.2.0
  • PCI DSS v3.2.1
  • Foundational Security
  • Public Egress
  • Publicly Available

Quick Start

Prerequisite

  1. Install CloudQuery

# install with brew
brew install cloudquery/tap/cloudquery
# or download precompiled binaries from https://github.com/cloudquery/cloudquery/releases

  2. Download and Configure AWS Provider

cloudquery init aws

  3. Fetch

# connect or run a local PostgreSQL
docker run -p 5432:5432 -e POSTGRES_PASSWORD=pass -d postgres
# extract your cloud infra configuration
cloudquery fetch

Running

# Describe what is available in the policy pack
cloudquery policy describe aws
# Run the whole pack
cloudquery policy run aws
# Run specific policy
cloudquery policy run aws//cis_v1.2.0
# Run specific policy
cloudquery policy run aws//pci_dss_v3.2.1
# Run specific check
cloudquery policy run aws//cis_v1.2.0/1/1.1