Conformance Pack Sample Templates

Here are the conformance pack YAML templates that you see in AWS Config console. Within each conformance pack template, you can use one or more AWS Config rules and remediation actions. The AWS Config rules listed within the conformance pack can be AWS Config managed rules and/or AWS Config custom rules. You can download all the conformance pack templates from GitHub.

Important

Conformance packs provide a general-purpose compliance framework to help you create security, operational or cost-optimization governance checks using managed or custom AWS Config rules and AWS Config remediation actions. AWS conformance pack sample templates intend to help you create your own conformance packs with different or additional rules, input parameters and remediation actions that suit your environment. The sample templates, including those related to compliance standards and industry benchmarks, are not designed to ensure your compliance with a specific governance standard. They can neither replace your internal efforts nor guarantee that you will pass a compliance assessment.

Note

It is recommended that you review the rules available in the region where you deploy a conformance pack (List of AWS Config Managed Rules by Region Availability) and amend the template for rules not yet available in that region before deploying.

Topics

• AWS Control Tower Detective Guardrails Conformance Pack
• Operational Best Practices for ABS CCIG 2.0 Material Workloads
• Operational Best Practices for ABS CCIG 2.0 Standard Workloads
• Operational Best Practices for ACSC Essential 8
• Operational Best Practices for ACSC ISM
• Operational Best Practices for AI and ML
• Operational Best Practices for Amazon API Gateway
• Operational Best Practices for Amazon CloudWatch
• Operational Best Practices for Amazon DynamoDB
• Operational Best Practices for Amazon S3
• Operational Best Practices for APRA CPG 234
• Operational Best Practices for Asset Management
• Operational Best Practices for AWS Backup
• Operational Best Practices for AWS Identity And Access Management
• Operational Best Practices for AWS Well-Architected Framework Reliability Pillar
• Operational Best Practices for AWS Well-Architected Framework Security Pillar
• Operational Best Practices for BCP and DR
• Operational Best Practices for BNM RMiT
• Operational Best Practices for Canadian Centre for Cyber Security (CCCS) Medium Cloud Control Profile
• Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 1
• Operational Best Practices for CIS AWS Foundations Benchmark v1.4 Level 2
• Operational Best Practices for CIS Critical Security Controls v8 IG1
• Operational Best Practices for CIS Critical Security Controls v8 IG2
• Operational Best Practices for CIS Critical Security Controls v8 IG3
• Operational Best Practices for CIS Top 20
• Operational Best Practices for CISA Cyber Essentials
• Operational Best Practices for Criminal Justice Information Services (CJIS)
• Operational Best Practices for CMMC Level 1
• Operational Best Practices for CMMC Level 2
• Operational Best Practices for CMMC Level 3
• Operational Best Practices for CMMC Level 4
• Operational Best Practices for CMMC Level 5
• Operational Best Practices for CMMC 2.0 Level 1
• Operational Best Practices for CMMC 2.0 Level 2
• Operational Best Practices for Compute Services
• Operational Best Practices for Data Resiliency
• Operational Best Practices for Databases Services
• Operational Best Practices for Data Lakes and Analytics Services
• Operational Best Practices for DevOps
• Operational Best Practices for EC2
• Operational Best Practices for Encryption and Key Management
• Operational Best Practices for ENISA Cybersecurity guide for SMEs
• Operational Best Practices for Esquema Nacional de Seguridad (ENS) Low
• Operational Best Practices for Esquema Nacional de Seguridad (ENS) Medium
• Operational Best Practices for Esquema Nacional de Seguridad (ENS) High
• Operational Best Practices for FDA Title 21 CFR Part 11
• Operational Best Practices for FedRAMP(Low)
• Operational Best Practices for FedRAMP(Moderate)
• Operational Best Practices for FedRAMP (High Part 1)
• Operational Best Practices for FedRAMP (High Part 2)
• Operational Best Practices for FFIEC
• Operational Best Practices for Germany Cloud Computing Compliance Criteria Catalog (C5)
• Operational Best Practices for Gramm Leach Bliley Act (GLBA)
• Operational Best Practices for GxP EU Annex 11
• Operational Best Practices for HIPAA Security
• Operational Best Practices for IRS 1075
• Operational Best Practices for K-ISMS
• Operational Best Practices for Load Balancing
• Operational Best Practices for Logging
• Operational Best Practices for Management and Governance Services
• Operational Best Practices for MAS Notice 655
• Operational Best Practices for MAS TRMG
• Operational Best Practices for Monitoring
• Operational Best Practices for NBC TRMG
• Operational Best Practices for NERC CIP BCSI
• Operational Best Practices for NCSC Cloud Security Principles
• Operational Best Practices for NCSC Cyber Assesment Framework
• Operational Best Practices for Networking and Content Delivery Services
• Operational Best Practices for NIST 800-53 rev 4
• Operational Best Practices for NIST 800-53 rev 5
• Operational Best Practices for NIST 800 171
• Operational Best Practices for NIST 800 172
• Operational Best Practices for NIST 800 181
• Operational Best Practices for NIST 1800 25
• Operational Best Practices for NIST CSF
• Operational Best Practices for NIST Privacy Framework v1.0
• Operational Best Practices for NYDFS 23
• Operational Best Practices for NZISM
• Operational Best Practices for PCI DSS 3.2.1
• Operational Best Practices for PCI DSS 4.0 (Excluding global resource types)
• Operational Best Practices for PCI DSS 4.0 (Including global resource types)
• Operational Best Practices for Publicly Accessible Resources
• Operational Best Practices for RBI Cyber Security Framework for UCBs
• Operational Best Practices for RBI MD-ITF
• Operational Best Practices for Security, Identity, and Compliance Services
• Operational Best Practices for Serverless
• Operational Best Practices for Storage Services
• Operational Best Practices for SWIFT CSP
• Security Best Practices for Amazon Elastic Container Service (Amazon ECS)
• Security Best Practices for Amazon Elastic File System (Amazon EFS)
• Security Best Practices for Amazon Elastic Kubernetes Service (Amazon EKS)
• Security Best Practices for Amazon CloudFront
• Security Best Practices for Amazon OpenSearch Service
• Security Best Practices for Amazon Redshift
• Security Best Practices for Amazon Relational Database Service (Amazon RDS)
• Security Best Practices for AWS Auto Scaling
• Security Best Practices for AWS CloudTrail
• Security Best Practices for AWS CodeBuild
• Security Best Practices for Amazon ECR
• Security Best Practices for AWS Lambda
• Security Best Practices for AWS Network Firewall
• Security Best Practices for Amazon SageMaker
• Security Best Practices for AWS Secrets Manager
• Security Best Practices for AWS WAF
• Example Templates with Remediation Action

For more information about template structure, see Template Anatomy in the AWS CloudFormation User Guide.