Conformance Pack Sample Templates for AWS Config
Here are the conformance pack YAML templates that you see in AWS Config console. Within each
conformance pack template, you can use one or more AWS Config rules and remediation actions. The AWS Config
rules listed within the conformance pack can be AWS Config managed rules and/or AWS Config custom rules. You
can download all the conformance pack templates from GitHub
Important
Conformance packs provide a general-purpose compliance framework to help you create security, operational or cost-optimization governance checks using managed or custom AWS Config rules and AWS Config remediation actions. AWS conformance pack sample templates intend to help you create your own conformance packs with different or additional rules, input parameters and remediation actions that suit your environment. The sample templates, including those related to compliance standards and industry benchmarks, are not designed to ensure your compliance with a specific governance standard. They can neither replace your internal efforts nor guarantee that you will pass a compliance assessment.
Note
It is recommended that you review the rules available in the region where you deploy a conformance pack (List of AWS Config Managed Rules by Region Availability) and amend the template for rules not yet available in that region before deploying.
Topics
Operational Best Practices for ABS CCIG 2.0 Material Workloads
Operational Best Practices for ABS CCIG 2.0 Standard Workloads
Operational Best Practices for AWS Identity And Access Management
Operational Best Practices for AWS Well-Architected Framework Reliability Pillar
Operational Best Practices for AWS Well-Architected Framework Security Pillar
Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 1
Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 2
Operational Best Practices for CIS Critical Security Controls v8 IG1
Operational Best Practices for CIS Critical Security Controls v8 IG2
Operational Best Practices for CIS Critical Security Controls v8 IG3
Operational Best Practices for Criminal Justice Information Services (CJIS)
Operational Best Practices for Data Lakes and Analytics Services
Operational Best Practices for Encryption and Key Management
Operational Best Practices for ENISA Cybersecurity guide for SMEs
Operational Best Practices for Esquema Nacional de Seguridad (ENS) Low
Operational Best Practices for Esquema Nacional de Seguridad (ENS) Medium
Operational Best Practices for Esquema Nacional de Seguridad (ENS) High
Operational Best Practices for Germany Cloud Computing Compliance Criteria Catalog (C5)
Operational Best Practices for Gramm Leach Bliley Act (GLBA)
Operational Best Practices for Management and Governance Services
Operational Best Practices for NCSC Cloud Security Principles
Operational Best Practices for NCSC Cyber Assesment Framework
Operational Best Practices for Networking and Content Delivery Services
Operational Best Practices for PCI DSS 4.0 (Excluding global resource types)
Operational Best Practices for PCI DSS 4.0 (Including global resource types)
Operational Best Practices for Publicly Accessible Resources
Operational Best Practices for RBI Cyber Security Framework for UCBs
Operational Best Practices for Security, Identity, and Compliance Services
Security Best Practices for Amazon Elastic Container Service (Amazon ECS)
Security Best Practices for Amazon Elastic File System (Amazon EFS)
Security Best Practices for Amazon Elastic Kubernetes Service (Amazon EKS)
Security Best Practices for Amazon Relational Database Service (Amazon RDS)
For more information about template structure, see Template Anatomy in the AWS CloudFormation User Guide.
