aws-compliance-checkerlisted

# AWS Compliance Checker Automated compliance validation against industry standards including CIS AWS Foundations, PCI-DSS, HIPAA, and SOC 2. ## When to Use Use this skill when you need to validate AWS compliance against industry standards, prepare for audits, or maintain continuous compliance monitoring. ## Supported Frameworks **CIS AWS Foundations Benchmark** - Identity and Access Management - Logging and Monitoring - Networking - Data Protection **PCI-DSS (Payment Card Industry)** - Network security - Access controls - Encryption - Monitoring and logging **HIPAA (Healthcare)** - Access controls - Audit controls - Data encryption - Transmission security **SOC 2** - Security - Availability - Confidentiality - Privacy ## CIS AWS Foundations Checks ### Identity & Access Management (1.x) ```bash #!/bin/bash # cis-iam-checks.sh echo "=== CIS IAM Compliance Checks ===" # 1.1: Root account usage echo "1.1: Checking root account usage..." root_usage=$(aws iam get-credential-report --output text | \ awk -F, 'NR==2 {print $5,$11}') echo " Root password last used: $root_usage" # 1.2: MFA on root account echo "1.2: Checking root MFA..." root_mfa=$(aws iam get-account-summary \ --query 'SummaryMap.AccountMFAEnabled' --output text) echo " Root MFA enabled: $root_mfa" # 1.3: Unused credentials echo "1.3: Checking for unused credentials (>90 days)..." aws iam get-credential-report --output text | \ awk -F, 'NR>1 { if ($5 != "N/A" && $5 != "no_information") {