

# AWS Config Process Checks Within a Conformance Pack for AWS Config
<a name="process-checks"></a>

Process checks are a type of AWS Config rule that lets you track external and internal tasks that require verification as part of a conformance pack. You can add these checks to an existing conformance pack or to a new one. This lets you track all compliance, covering both AWS configurations and manual checks, in a single location.

With process checks, you can list the compliance of requirements and actions in one place, which increases the coverage of conformance packs that are based on compliance regimes. You can expand a conformance pack further by adding new process checks for processes and actions that need manual verification and tracking. The conformance pack then becomes the template that describes both the AWS configurations and the manual processes for a compliance regime.

You can track and manage the compliance of processes that are not associated with resource configuration changes as process checks within a conformance pack. For example, you can add a process check to track the PCI-DSS compliance requirement to store media backup at an offsite location. You manually evaluate compliance with this requirement according to PCI-DSS guidelines, or according to your organization's guidance.

**Region availability**: Process checks within conformance packs are available in all AWS Regions where AWS Config conformance packs are available. For more information, see [Region Support](conformance-packs.md#conformance-packs-regions).

**Topics**
+ [Sample Template](Sample-CPack-Template-for-Creating-Process-Check-Rule.md)
+ [Creating Process Checks](How-to-create-a-Process-Check-Rule.md)
+ [Changing Compliance Status](change-compliance-status.md)
+ [View and Edit](view-a-process-check-console.md)

# Sample Conformance Pack Template for Creating Process Checks
<a name="Sample-CPack-Template-for-Creating-Process-Check-Rule"></a>

```
################################################################################
#
#  Conformance Pack template for process check
#
################################################################################
Resources:
  AWSConfigProcessCheck:
    Properties:
      ConfigRuleName: RuleName
      Description: Description of Rule
      Source:
        Owner: AWS
        SourceIdentifier: AWS_CONFIG_PROCESS_CHECK
    Type: AWS::Config::ConfigRule
```

See two sample templates, the [Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 1](operational-best-practices-for-cis_aws_benchmark_level_1.md) template and the [Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 2](operational-best-practices-for-cis_aws_benchmark_level_2.md) template.

# Include Process Checks Within a Conformance Pack
<a name="How-to-create-a-Process-Check-Rule"></a>

1. Add a process check in the conformance pack template. Refer to [Sample Conformance Pack Template for Creating Process Checks](Sample-CPack-Template-for-Creating-Process-Check-Rule.md).

   ```
   Resources:
     ConfigEnabledAllRegions:
       Properties:
         ConfigRuleName: Config-Enabled-All-Regions
         Description: Ensure AWS Config is enabled in all Regions.
         Source:
           Owner: AWS
           SourceIdentifier: AWS_CONFIG_PROCESS_CHECK
       Type: AWS::Config::ConfigRule
   ```

1. Enter the name for the process check.

1. Enter the description for the process check.

1. Deploy the conformance pack. For more information, see [Deploying Conformance Packs for AWS Config](conformance-pack-deploy.md).

# Change Compliance Status of a Process Check
<a name="change-compliance-status"></a>

You can change the compliance status of a process check using the AWS Config console, the AWS CLI, and APIs.

------
#### [ Change Compliance Status for Process Checks (Console) ]

1. Sign in to the AWS Management Console and open the AWS Config console at [https://console.aws.amazon.com/config/home](https://console.aws.amazon.com/config/home).

1. Navigate to the AWS Config Rules page.

1. Choose the name of the process check that you specified in the template along with the identifier in the conformance pack. 
**Note**  
All the process checks from the same conformance pack have the same suffix.

1. On the Rule details page, you cannot edit the rule but you can edit the compliance of the rule. In the Manual compliance section, choose **Edit compliance**.

1. Choose the appropriate compliance from the dropdown list.

1. (Optional) Enter a description for the compliance status.

1. Choose **Save**.

------
#### [ Change the Compliance Status for Process Checks (AWS CLI) ]

You can update the compliance of process checks within a conformance pack using the AWS Command Line Interface (AWS CLI). 

To install the AWS CLI on your local machine, see [Installing the AWS CLI](http://docs.aws.amazon.com/cli/latest/userguide/installing.html) in the *AWS CLI User Guide*.

If necessary, type `aws configure` to configure the AWS CLI to use an AWS Region where AWS Config conformance packs are available.

1. Open a command prompt or a terminal window.

1. Enter the following command to update the compliance of a process check. Replace `process-check-rule-name` with the name of your rule and `ACCOUNT_ID` with your account ID, which is the value of `ComplianceResourceId`.

   ```
   aws configservice put-external-evaluation --config-rule-name process-check-rule-name --external-evaluation ComplianceResourceType=AWS::::Account,ComplianceResourceId=ACCOUNT_ID,ComplianceType=NON_COMPLIANT,OrderingTimestamp=2020-12-17T00:10:00.000Z
   ```

1. Press Enter to run the command.
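
Because a process check records a manual attestation, it helps to validate the inputs before the evaluation is written. The following wrapper around the command above is an added example, not part of the AWS documentation: the function names and the `DRY_RUN` variable are hypothetical, and the accepted compliance values are the three the console offers (compliant, noncompliant, not applicable).

```shell
#!/usr/bin/env bash
# Added example; function names and DRY_RUN are hypothetical helpers.

# Print the --external-evaluation value, or return 1 on bad input.
# $1 = account ID, $2 = compliance type, $3 = optional UTC timestamp
build_external_evaluation() {
  local account_id="$1" compliance="$2" ts="${3:-}"

  # ComplianceResourceId must be the 12-digit account ID; a typo here would
  # record the manual attestation against the wrong identifier.
  case "$account_id" in
    ''|*[!0-9]*) echo "account ID must be 12 digits" >&2; return 1 ;;
  esac
  [ "${#account_id}" -eq 12 ] || { echo "account ID must be 12 digits" >&2; return 1; }

  # Accept only the statuses the console offers for a process check.
  case "$compliance" in
    COMPLIANT|NON_COMPLIANT|NOT_APPLICABLE) ;;
    *) echo "unsupported compliance type: $compliance" >&2; return 1 ;;
  esac

  # Default OrderingTimestamp to the current time in UTC, then check the format.
  [ -n "$ts" ] || ts="$(date -u +%Y-%m-%dT%H:%M:%S.000Z)"
  printf '%s\n' "$ts" | grep -Eq \
    '^[0-9]{4}-[0-9]{2}-[0-9]{2}T[0-9]{2}:[0-9]{2}:[0-9]{2}\.[0-9]{3}Z$' \
    || { echo "timestamp must look like 2020-12-17T00:10:00.000Z" >&2; return 1; }

  printf 'ComplianceResourceType=AWS::::Account,ComplianceResourceId=%s,' "$account_id"
  printf 'ComplianceType=%s,OrderingTimestamp=%s\n' "$compliance" "$ts"
}

# $1 = rule name, remaining arguments as above.
# With DRY_RUN=1 the command is printed for review instead of being run.
put_process_check_status() {
  local rule="$1" evaluation
  evaluation="$(build_external_evaluation "$2" "$3" "${4:-}")" || return 1
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf 'aws configservice put-external-evaluation --config-rule-name %s --external-evaluation %s\n' \
      "$rule" "$evaluation"
  else
    aws configservice put-external-evaluation \
      --config-rule-name "$rule" --external-evaluation "$evaluation"
  fi
}
```

Running `DRY_RUN=1 put_process_check_status process-check-rule-name 123456789012 NON_COMPLIANT` (a constructed sample account ID) prints the exact command so a second person can review it before the status is changed.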

------
#### [ Change the Compliance Status for Process Checks (API) ]

After the deployment is complete, to update the evaluations and compliance of the process checks, use the `PutExternalEvaluation` API. For more information, see [PutExternalEvaluation](https://docs.aws.amazon.com/config/latest/APIReference/API_PutExternalEvaluation.html).

------

# View and Edit the Process Check (Console)
<a name="view-a-process-check-console"></a>

You can view process checks only after a compliance state has been added to them. Choose the specific conformance pack to view all the process checks within that conformance pack. Here you can see a list of process checks that are in compliant and noncompliant status.

Because this is a service-linked rule, you cannot edit the process check through the Rule details page.

**Note**  
You can still update the compliance of the process check by choosing **Edit compliance** and selecting the appropriate value: compliant, noncompliant, or not applicable.

You can edit or delete a process check from the conformance pack where you added the process checks.