Walkthrough: Remediating compliance violations


In a previous walkthrough, you learned how to identify violations by using the out-of-the-box CIS policies for AWS. In that walkthrough, a company that used Amazon Simple Storage Service (S3) to store and retrieve data wanted to ensure that all data associated with its S3 buckets was properly secured. Remediating a compliance violation against the CIS policies requires the same steps for AWS, GCP, and Azure. In this walkthrough, you will initiate a remediation action for a violation of the CIS policies for AWS as an example.

Scenario

A company has identified critical violations of AWS policies in which access to the S3 bucket CloudTrail logs has not been restricted.

Note:

Because the remediation action is similar for AWS, GCP, and Azure, the example above also applies to GCP and Azure.

Where to go from here

For more information about remediation, see Remediating violations.

 
