AWS Security Hub controls supported by AWS Audit Manager
Audit Manager enables you to report the results of compliance checks directly from Security Hub. To do this, you specify one or more Security Hub controls as a data source mapping when you configure a custom control in Audit Manager.
Note
- Audit Manager doesn’t collect evidence from service-linked AWS Config rules that are created by Security Hub. For more information, see the Troubleshooting section of this guide.
- On November 9, 2022, Security Hub launched automated security checks aligned to the Center for Internet Security’s (CIS) AWS Foundations Benchmark version 1.4.0 requirements, Level 1 and 2 (CIS v1.4.0). In Security Hub, the CIS v1.4.0 standard is supported in addition to the CIS v1.2.0 standard.
Using Security Hub controls with Audit Manager
Tip
We recommend that you turn on the consolidated control findings setting in Security Hub if it's not turned on already. If you enable Security Hub on or after February 23, 2003, this setting is turned on by default.
When consolidated findings is enabled, Security Hub produces a single finding for each security check, even when the same check applies to multiple standards. Each Security Hub finding is collected as one unique resource assessment in Audit Manager. As a result, consolidated findings decreases the total number of unique resource assessments that Audit Manager performs for Security Hub findings. For this reason, using consolidated findings can often reduce your Audit Manager usage costs without sacrificing evidence quality and availability. For more information about pricing, see AWS Audit Manager Pricing.
The following examples show a comparison of how Audit Manager collects and presents evidence depending on your Security Hub settings.
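A small model of that comparison, added here and not taken from the AWS guide: it counts the findings (and so the unique resource assessments) produced with and without consolidated findings. The resource names are constructed, and the mapping from standard control IDs to security control IDs is an assumption made for the illustration.

```python
FSBP = "AWS Foundational Security Best Practices"

# Assumed mapping: (standard, standard control ID) -> security control ID.
SECURITY_CONTROL = {
    ("CIS v1.2.0", "2.7"): "CloudTrail.2",
    ("PCI DSS", "PCI.CloudTrail.1"): "CloudTrail.2",
    (FSBP, "CloudTrail.2"): "CloudTrail.2",
    ("CIS v1.2.0", "2.9"): "EC2.6",
    ("PCI DSS", "PCI.EC2.6"): "EC2.6",
    (FSBP, "EC2.6"): "EC2.6",
}

# Constructed resources that each security check evaluates.
RESOURCES = {
    "CloudTrail.2": ["trail/org-trail"],
    "EC2.6": ["vpc/vpc-a", "vpc/vpc-b"],
}


def findings(enabled_standards, consolidated):
    """Return the set of findings this model produces for the enabled standards."""
    result = set()
    for (standard, standard_id), security_id in SECURITY_CONTROL.items():
        if standard not in enabled_standards:
            continue
        for resource in RESOURCES[security_id]:
            if consolidated:
                # One finding per security check and resource, shared by all standards.
                result.add((security_id, resource))
            else:
                # One finding per standard-specific control and resource.
                result.add((standard, standard_id, resource))
    return result


def compare(enabled_standards):
    """Each finding is one unique resource assessment, so compare the counts."""
    per_standard = len(findings(enabled_standards, consolidated=False))
    merged = len(findings(enabled_standards, consolidated=True))
    return {"per_standard": per_standard, "consolidated": merged,
            "saved": per_standard - merged}


if __name__ == "__main__":
    print(compare({"CIS v1.2.0", "PCI DSS", FSBP}))
    print(compare({FSBP}))
```

With only one standard enabled the two counts are equal, so the saving comes entirely from checks that are shared between standards.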
Supported Security Hub controls
The following Security Hub controls are currently supported by Audit Manager. You can use any of the following standard-specific control ID keywords when you set up a data source for a custom control.
Security standard | Supported keyword in Audit Manager (standard control ID in Security Hub) | Related control documentation (corresponding security control ID in Security Hub) |
---|---|---|
CIS v1.2.0 | 1.1 | |
CIS v1.2.0 | 1.2 | |
CIS v1.2.0 | 1.3 | |
CIS v1.2.0 | 1.4 | |
CIS v1.2.0 | 1.5 | |
CIS v1.2.0 | 1.6 | |
CIS v1.2.0 | 1.7 | |
CIS v1.2.0 | 1.8 | |
CIS v1.2.0 | 1.9 | |
CIS v1.2.0 | 1.10 | |
CIS v1.2.0 | 1.11 | |
CIS v1.2.0 | 1.12 | |
CIS v1.2.0 | 1.13 | |
CIS v1.2.0 | 1.14 | |
CIS v1.2.0 | 1.16 | |
CIS v1.2.0 | 1.20 | |
CIS v1.2.0 | 1.22 | |
CIS v1.2.0 | 2.1 | |
CIS v1.2.0 | 2.2 | |
CIS v1.2.0 | 2.3 | |
CIS v1.2.0 | 2.4 | |
CIS v1.2.0 | 2.5 | |
CIS v1.2.0 | 2.6 | |
CIS v1.2.0 | 2.7 | |
CIS v1.2.0 | 2.8 | |
CIS v1.2.0 | 2.9 | |
CIS v1.2.0 | 3.1 | |
CIS v1.2.0 | 3.2 | |
CIS v1.2.0 | 3.3 | |
CIS v1.2.0 | 3.4 | |
CIS v1.2.0 | 3.5 | |
CIS v1.2.0 | 3.6 | |
CIS v1.2.0 | 3.7 | |
CIS v1.2.0 | 3.8 | |
CIS v1.2.0 | 3.9 | |
CIS v1.2.0 | 3.10 | |
CIS v1.2.0 | 3.11 | |
CIS v1.2.0 | 3.12 | |
CIS v1.2.0 | 3.13 | |
CIS v1.2.0 | 3.14 | |
CIS v1.2.0 | 4.1 | |
CIS v1.2.0 | 4.2 | |
CIS v1.2.0 | 4.3 | |
PCI DSS | PCI.AutoScaling.1 | |
PCI DSS | PCI.CloudTrail.1 | |
PCI DSS | PCI.CloudTrail.2 | |
PCI DSS | PCI.CloudTrail.3 | |
PCI DSS | PCI.CloudTrail.4 | |
PCI DSS | PCI.CodeBuild.1 | |
PCI DSS | PCI.CodeBuild.2 | |
PCI DSS | PCI.Config.1 | |
PCI DSS | PCI.CW.1 | |
PCI DSS | PCI.DMS.1 | |
PCI DSS | PCI.EC2.1 | |
PCI DSS | PCI.EC2.2 | |
PCI DSS | PCI.EC2.3 | |
PCI DSS | PCI.EC2.4 | |
PCI DSS | PCI.EC2.5 | |
PCI DSS | PCI.EC2.6 | |
PCI DSS | PCI.ELBv2.1 | |
PCI DSS | PCI.ES.1 | |
PCI DSS | PCI.ES.2 | |
PCI DSS | PCI.GuardDuty.1 | |
PCI DSS | PCI.IAM.1 | |
PCI DSS | PCI.IAM.2 | |
PCI DSS | PCI.IAM.3 | |
PCI DSS | PCI.IAM.4 | |
PCI DSS | PCI.IAM.5 | |
PCI DSS | PCI.IAM.6 | |
PCI DSS | PCI.IAM.7 | |
PCI DSS | PCI.IAM.8 | |
PCI DSS | PCI.KMS.1 | |
PCI DSS | PCI.Lambda.1 | |
PCI DSS | PCI.Lambda.2 | |
PCI DSS | PCI.Opensearch.1 | |
PCI DSS | PCI.Opensearch.2 | |
PCI DSS | PCI.RDS.1 | |
PCI DSS | PCI.RDS.2 | |
PCI DSS | PCI.Redshift.1 | |
PCI DSS | PCI.S3.1 | |
PCI DSS | PCI.S3.2 | |
PCI DSS | PCI.S3.3 | |
PCI DSS | PCI.S3.4 | |
PCI DSS | PCI.S3.5 | |
PCI DSS | PCI.S3.6 | |
PCI DSS | PCI.SageMaker.1 | |
PCI DSS | PCI.SSM.1 | |
PCI DSS | PCI.SSM.2 | |
PCI DSS | PCI.SSM.3 | |
AWS Foundational Security Best Practices | Account.1 | |
AWS Foundational Security Best Practices | ACM.1 | |
AWS Foundational Security Best Practices | ACM.2 | |
AWS Foundational Security Best Practices | APIGateway.1 | |
AWS Foundational Security Best Practices | APIGateway.2 | |
AWS Foundational Security Best Practices | APIGateway.3 | |
AWS Foundational Security Best Practices | APIGateway.4 | |
AWS Foundational Security Best Practices | APIGateway.5 | |
AWS Foundational Security Best Practices | APIGateway.8 | |
AWS Foundational Security Best Practices | APIGateway.9 | |
AWS Foundational Security Best Practices | AppSync.2 | |
AWS Foundational Security Best Practices | AutoScaling.1 | |
AWS Foundational Security Best Practices | AutoScaling.2 | |
AWS Foundational Security Best Practices | AutoScaling.3 | |
AWS Foundational Security Best Practices | AutoScaling.4 | |
AWS Foundational Security Best Practices | Autoscaling.5 | |
AWS Foundational Security Best Practices | AutoScaling.6 | |
AWS Foundational Security Best Practices | AutoScaling.9 | |
AWS Foundational Security Best Practices | CloudFormation.1 | |
AWS Foundational Security Best Practices | CloudFront.1 | |
AWS Foundational Security Best Practices | CloudFront.2 | |
AWS Foundational Security Best Practices | CloudFront.3 | |
AWS Foundational Security Best Practices | CloudFront.4 | |
AWS Foundational Security Best Practices | CloudFront.5 | |
AWS Foundational Security Best Practices | CloudFront.6 | |
AWS Foundational Security Best Practices | CloudFront.7 | |
AWS Foundational Security Best Practices | CloudFront.8 | |
AWS Foundational Security Best Practices | CloudFront.9 | |
AWS Foundational Security Best Practices | CloudFront.10 | |
AWS Foundational Security Best Practices | CloudFront.12 | |
AWS Foundational Security Best Practices | CloudFront.13 | |
AWS Foundational Security Best Practices | CloudTrail.1 | |
AWS Foundational Security Best Practices | CloudTrail.2 | |
AWS Foundational Security Best Practices | CloudTrail.4 | |
AWS Foundational Security Best Practices | CloudTrail.5 | |
AWS Foundational Security Best Practices | CodeBuild.1 | |
AWS Foundational Security Best Practices | CodeBuild.2 | |
AWS Foundational Security Best Practices | CodeBuild.3 | |
AWS Foundational Security Best Practices | CodeBuild.4 | |
AWS Foundational Security Best Practices | CodeBuild.5 | |
AWS Foundational Security Best Practices | Config.1 | |
AWS Foundational Security Best Practices | DMS.1 | |
AWS Foundational Security Best Practices | DynamoDB.1 | |
AWS Foundational Security Best Practices | DynamoDB.2 | |
AWS Foundational Security Best Practices | DynamoDB.3 | |
AWS Foundational Security Best Practices | EC2.1 | |
AWS Foundational Security Best Practices | EC2.2 | |
AWS Foundational Security Best Practices | EC2.3 | |
AWS Foundational Security Best Practices | EC2.4 | |
AWS Foundational Security Best Practices | EC2.6 | |
AWS Foundational Security Best Practices | EC2.7 | |
AWS Foundational Security Best Practices | EC2.8 | |
AWS Foundational Security Best Practices | EC2.9 | |
AWS Foundational Security Best Practices | EC2.10 | |
AWS Foundational Security Best Practices | EC2.15 | |
AWS Foundational Security Best Practices | EC2.16 | |
AWS Foundational Security Best Practices | EC2.17 | |
AWS Foundational Security Best Practices | EC2.18 | |
AWS Foundational Security Best Practices | EC2.19 | |
AWS Foundational Security Best Practices | EC2.20 | |
AWS Foundational Security Best Practices | EC2.21 | |
AWS Foundational Security Best Practices | EC2.22 | |
AWS Foundational Security Best Practices | EC2.23 | |
AWS Foundational Security Best Practices | EC2.24 | |
AWS Foundational Security Best Practices | EC2.25 | |
AWS Foundational Security Best Practices | ECR.1 | |
AWS Foundational Security Best Practices | ECR.2 | |
AWS Foundational Security Best Practices | ECR.3 | |
AWS Foundational Security Best Practices | ECS.1 | |
AWS Foundational Security Best Practices | ECS.2 | |
AWS Foundational Security Best Practices | ECS.3 | |
AWS Foundational Security Best Practices | ECS.4 | |
AWS Foundational Security Best Practices | ECS.5 | |
AWS Foundational Security Best Practices | ECS.8 | |
AWS Foundational Security Best Practices | ECS.10 | |
AWS Foundational Security Best Practices | ECS.12 | |
AWS Foundational Security Best Practices | EFS.1 | |
AWS Foundational Security Best Practices | EFS.2 | |
AWS Foundational Security Best Practices | EFS.3 | |
AWS Foundational Security Best Practices | EFS.4 | |
AWS Foundational Security Best Practices | EKS.1 | |
AWS Foundational Security Best Practices | EKS.2 | |
AWS Foundational Security Best Practices | ElasticBeanstalk.1 | |
AWS Foundational Security Best Practices | ElasticBeanstalk.2 | |
AWS Foundational Security Best Practices | ElasticBeanstalk.3 | |
AWS Foundational Security Best Practices | ELB.2 | |
AWS Foundational Security Best Practices | ELB.3 | |
AWS Foundational Security Best Practices | ELB.4 | |
AWS Foundational Security Best Practices | ELB.5 | |
AWS Foundational Security Best Practices | ELB.6 | |
AWS Foundational Security Best Practices | ELB.7 | |
AWS Foundational Security Best Practices | ELB.8 | |
AWS Foundational Security Best Practices | ELB.9 | |
AWS Foundational Security Best Practices | ELB.10 | |
AWS Foundational Security Best Practices | ELB.12 | |
AWS Foundational Security Best Practices | ELB.13 | |
AWS Foundational Security Best Practices | ELB.14 | |
AWS Foundational Security Best Practices | ELBv2.1 | |
AWS Foundational Security Best Practices | EMR.1 | |
AWS Foundational Security Best Practices | ES.1 | |
AWS Foundational Security Best Practices | ES.2 | |
AWS Foundational Security Best Practices | ES.3 | |
AWS Foundational Security Best Practices | ES.4 | |
AWS Foundational Security Best Practices | ES.5 | |
AWS Foundational Security Best Practices | ES.6 | |
AWS Foundational Security Best Practices | ES.7 | |
AWS Foundational Security Best Practices | ES.8 | |
AWS Foundational Security Best Practices | GuardDuty.1 | |
AWS Foundational Security Best Practices | IAM.1 | |
AWS Foundational Security Best Practices | IAM.2 | |
AWS Foundational Security Best Practices | IAM.3 | |
AWS Foundational Security Best Practices | IAM.4 | |
AWS Foundational Security Best Practices | IAM.5 | |
AWS Foundational Security Best Practices | IAM.6 | |
AWS Foundational Security Best Practices | IAM.7 | |
AWS Foundational Security Best Practices | IAM.8 | |
AWS Foundational Security Best Practices | IAM.21 | |
AWS Foundational Security Best Practices | Kinesis.1 | |
AWS Foundational Security Best Practices | KMS.1 | |
AWS Foundational Security Best Practices | KMS.2 | |
AWS Foundational Security Best Practices | KMS.3 | |
AWS Foundational Security Best Practices | Lambda.1 | |
AWS Foundational Security Best Practices | Lambda.2 | |
AWS Foundational Security Best Practices | Lambda.5 | |
AWS Foundational Security Best Practices | NetworkFirewall.3 | |
AWS Foundational Security Best Practices | NetworkFirewall.4 | |
AWS Foundational Security Best Practices | NetworkFirewall.5 | |
AWS Foundational Security Best Practices | NetworkFirewall.6 | |
AWS Foundational Security Best Practices | Opensearch.1 | |
AWS Foundational Security Best Practices | Opensearch.2 | |
AWS Foundational Security Best Practices | Opensearch.3 | |
AWS Foundational Security Best Practices | Opensearch.4 | |
AWS Foundational Security Best Practices | Opensearch.5 | |
AWS Foundational Security Best Practices | Opensearch.6 | |
AWS Foundational Security Best Practices | Opensearch.7 | |
AWS Foundational Security Best Practices | Opensearch.8 | |
AWS Foundational Security Best Practices | RDS.1 | |
AWS Foundational Security Best Practices | RDS.2 | |
AWS Foundational Security Best Practices | RDS.3 | |
AWS Foundational Security Best Practices | RDS.4 | |
AWS Foundational Security Best Practices | RDS.5 | |
AWS Foundational Security Best Practices | RDS.6 | |
AWS Foundational Security Best Practices | RDS.7 | |
AWS Foundational Security Best Practices | RDS.8 | |
AWS Foundational Security Best Practices | RDS.9 | |
AWS Foundational Security Best Practices | RDS.10 | |
AWS Foundational Security Best Practices | RDS.11 | |
AWS Foundational Security Best Practices | RDS.12 | |
AWS Foundational Security Best Practices | RDS.13 | |
AWS Foundational Security Best Practices | RDS.14 | |
AWS Foundational Security Best Practices | RDS.15 | |
AWS Foundational Security Best Practices | RDS.16 | |
AWS Foundational Security Best Practices | RDS.17 | |
AWS Foundational Security Best Practices | RDS.18 | |
AWS Foundational Security Best Practices | RDS.19 | |
AWS Foundational Security Best Practices | RDS.20 | |
AWS Foundational Security Best Practices | RDS.21 | |
AWS Foundational Security Best Practices | RDS.22 | |
AWS Foundational Security Best Practices | RDS.23 | |
AWS Foundational Security Best Practices | RDS.24 | |
AWS Foundational Security Best Practices | RDS.25 | |
AWS Foundational Security Best Practices | Redshift.1 | |
AWS Foundational Security Best Practices | Redshift.2 | |
AWS Foundational Security Best Practices | Redshift.3 | |
AWS Foundational Security Best Practices | Redshift.4 | |
AWS Foundational Security Best Practices | Redshift.6 | |
AWS Foundational Security Best Practices | Redshift.7 | |
AWS Foundational Security Best Practices | Redshift.8 | |
AWS Foundational Security Best Practices | Redshift.9 | |
AWS Foundational Security Best Practices | Redshift.10 | |
AWS Foundational Security Best Practices | S3.1 | |
AWS Foundational Security Best Practices | S3.2 | |
AWS Foundational Security Best Practices | S3.3 | |
AWS Foundational Security Best Practices | S3.4 | |
AWS Foundational Security Best Practices | S3.5 | |
AWS Foundational Security Best Practices | S3.6 | |
AWS Foundational Security Best Practices | S3.8 | |
AWS Foundational Security Best Practices | S3.9 | |
AWS Foundational Security Best Practices | S3.10 | |
AWS Foundational Security Best Practices | S3.11 | |
AWS Foundational Security Best Practices | S3.12 | |
AWS Foundational Security Best Practices | S3.13 | |
AWS Foundational Security Best Practices | SageMaker.1 | |
AWS Foundational Security Best Practices | SageMaker.2 | |
AWS Foundational Security Best Practices | SageMaker.3 | |
AWS Foundational Security Best Practices | SecretsManager.1 | |
AWS Foundational Security Best Practices | SecretsManager.2 | |
AWS Foundational Security Best Practices | SecretsManager.3 | |
AWS Foundational Security Best Practices | SecretsManager.4 | |
AWS Foundational Security Best Practices | SNS.1 | |
AWS Foundational Security Best Practices | SNS.2 | |
AWS Foundational Security Best Practices | SQS.1 | |
AWS Foundational Security Best Practices | SSM.1 | |
AWS Foundational Security Best Practices | SSM.2 | |
AWS Foundational Security Best Practices | SSM.3 | |
AWS Foundational Security Best Practices | SSM.4 | |
AWS Foundational Security Best Practices | StepFunctions.1 | |
AWS Foundational Security Best Practices | WAF.1 | |
AWS Foundational Security Best Practices | WAF.2 | |
AWS Foundational Security Best Practices | WAF.3 | |
AWS Foundational Security Best Practices | WAF.4 | |
AWS Foundational Security Best Practices | WAF.6 | |
AWS Foundational Security Best Practices | WAF.7 | |
AWS Foundational Security Best Practices | WAF.8 | |
AWS Foundational Security Best Practices | WAF.10 | |