CIS Benchmarks September 2020 Update


CIS Amazon Web Services Foundations Benchmark v1.3.0

Prescriptive guidance for configuring security options for a subset of Amazon Web Services (AWS) with an emphasis on foundational, testable, and architecture agnostic settings. Specific AWS in scope for this document include: AWS Identity and Access Management (IAM); AWS Config; AWS CloudTrail; AWS CloudWatch; AWS Simple Notification Service (SNS); AWS Simple Storage Service (S3); AWS VPC (Default). There are many updates to this release and a full change log is included at the end of each version.

Here are just a few of the things that are new/changed in this release:

  • Updated multiple audit and remediation steps to match changes in AWS
  • Updated password recommendations to match CIS/DISA guidance
  • Added storage recommendations for data-at-rest protection
  • Updated multiple reference link to match changes in document locations
  • Updated networking recommendations to clarify guidance

Thank you to all in the community who have contributed to development of this release! This update would not have been possible without the time and effort the editors put into the process.

Download the CIS Amazon Web Services Foundations Benchmark v1.3.0

Our members can visit CIS WorkBench to download other formats and related resources.


Get involved by helping us develop content, review recommendations, and test CIS Benchmarks. Join a community today! We’re looking for contributors for the following technologies:

  • CIS Robotic Operating System (ROS)
  • Microsoft Azure Foundations
  • Zoom Video Communication
  • Cisco – NX-OS
  • Oracle MySQL

Have questions about the CIS Benchmark development process, how you can contribute, or how to get involved? Reach out to us at [email protected]. You can also learn more on the CIS Benchmarks Community page.