aws-rule-standards-mappings
Advanced tools
Store of consumable data for mapping AWS Config Rules to various security and compliance standards.
This repository facilities the collection, storage, and versioning of security and compliance standards and their associations to AWS config rules. This is done very simply by scraping data from the AWS Developer Guide Documentation for AWS config. Several standards for operational best practices are annotated in the documentation under Conformance Packs -> Conformance Pack Sample Templates. Each page references a standard and several of them contain a table which provides this association as well as remediation guidance.
Security and compliance standards and mappings to AWS Config Rules are stored in the mappings directory. Each JSON file represents a page from the AWS documentation and is named accordingly. The file includes a Javascript object with some details about the standard as well as all of the mappings as pulled from the table.
If a page does not have a table a file will not exist.
This repository provides an NPM package and can be used as a Node JS module.
Add the package as a dependency:
npm install --save aws-rule-standards-mappings
The standards with associated controls as well as all of the controls with the name of the associated standard and AWS documentation URL (StandardName and StandardDocumentation) are provided for direct consumptiom
const awsrsm = require('aws-rule-standards-mappings');
awsrsm.standards.map(standard => console.log(standard.standard.name));
Additionally a function is provided for location controls enforced by a particular rule. The rule name provided can be a fuzzy or exact match and is configurable in the options:
const awsrsm = require('aws-rule-standards-mappings');
awsrsm.controlsEnforcedByRule("api-gw"); // returns array of controls with "api-gw" in the rule name
awsrsm.controlsEnforcedByRule("api-gw", { exact: true }); // returns empty array
awsrsm.controlsEnforcedByRule("api-gw-ssl-enabled", { exact: true }); // returns matching controls array
Each standard rule mapping is scrapped from the AWS Config Developer Guide.
The mappings are updated by running npm run update which runs the update.js script, scrapes the data, and overwrites the files in mappings.
FAQs
Store of consumable data for mapping AWS Config Rules to various security and compliance standards.
We found that aws-rule-standards-mappings demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.