Posted On: Oct 2, 2020
AWS Config now offers 15 additional sample conformance pack templates that can help you verify your cloud infrastructure’s compliance with one or more frameworks for configuration best practices. With conformance packs, you can package a collection of AWS Config rules and remediation actions that can be deployed together as a single entity across an entire organization. This is particularly useful if you need to quickly establish a common baseline for resource configuration policies and best practices across multiple accounts in your organization in a scalable and efficient way.
A sample conformance pack template is a YAML template that contains a list of AWS Config managed or custom rules and remediation actions. The new sample conformance pack templates released today, each of which contain a set of AWS Config managed rules, can help you to verify compliance with certain controls within HIPAA, NIST-800-53, NIST-800-171, FedRAMP, US-FFIEC, Cybersecurity Maturity Model Certifications (CMMC) - Levels 1 and 2, and AWS Well-Architected Framework best practices. Additionally, setup of conformance packs is further simplified as one of the pre-requisites of setting up a delivery S3 bucket, is now optional.
Pricing for conformance packs is based on the number of conformance pack evaluations that you run each month, using a tiered pricing model as listed in AWS Config pricing. Conformance packs are available in the AWS Regions listed here. For more information about AWS Config, see the AWS Config webpage.
Disclaimer: Customers are responsible for making their own independent assessment of the sample conformance pack templates, and the AWS Config rules and remediation actions included in any such template, in connection with assessing compliance with any governance framework or standard. Each sample conformance pack template provides a basis to help you create security, operational or cost-optimization governance checks using managed or custom AWS Config rules and remediation actions. Sample conformance pack templates are intended to help you create your own conformance packs with different or additional rules, input parameters and remediation actions that are most appropriate for your resources. The sample conformance pack templates, including those related to specific compliance standards and industry frameworks, are not designed to, and do not, ensure your compliance with any such standard or framework and it is your responsibility to ensure any such compliance. Using a sample conformance pack template neither replaces your need for internal efforts to ensure compliance with any applicable standard nor guarantees that you will pass any compliance assessment.