-
Notifications
You must be signed in to change notification settings - Fork 2
Rule Index (Comment) Structure
Anna Shcherbak edited this page Sep 12, 2023
·
7 revisions
- Structure of the Index
-
Attribute Mappings
2.1. Cloud Mapping
2.2. Platform Mapping
2.3. Category Mapping
2.4. Service Section Mapping
2.5. Source Mapping
2.6. Customization Mapping
2.7. Multiregional Mapping
The Index (comment) structure follows a pattern that represents different metadata attributes of a rule. The Index contains 10 digits and have following structure:
- Cloud: Represents the cloud provider where the rule is applicable. (2 digits)
- Platform: Represents the platform where the rule is applicable. (2 digits)
- Category: Represents the category of the rule, indicating its purpose or focus. (2 digits)
- Service Section: Represents the cloud service section to which the rule applies. (2 digits)
- Source: Represents the source of the rule (e.g., benchmark). (2 digits)
- Customization: Indicates whether the rule has 'customization' (1) or not (0). (1 digit)
- Multiregional: Indicates whether the rule is multiregional (1) or not (0). (1 digit)
Example of Index name structure:
Example of how to use tables and indexes to define metadata attributes:
Here are the attribute mappings used to construct the Index (comment):
Cloud | Index |
---|---|
None | 00 |
AWS | 01 |
AZURE | 02 |
GCP | 03 |
Platform | Index |
---|---|
None | 00 |
Kubernetes | 01 |
OpenShift | 02 |
Kubernetes and OpenShift | 03 |
Category mapping
Category | Index |
---|---|
FinOps | 00 |
Lifecycle management | 01 |
Unutilized Resources | 02 |
Idle and underutilized resources | 03 |
Rightsizing | 04 |
Autoscaling | 05 |
Computing resources optimization | 06 |
Storage optimization | 07 |
Reserved instances and savings plan usage | 08 |
Other cost optimization checks | 09 |
Tagging | 10 |
Security | 11 |
Detect | 12 |
Identify | 13 |
Protect | 14 |
Recover | 15 |
Detection services | 16 |
Secure access management | 17 |
Inventory | 18 |
Logging | 19 |
Resource configuration | 20 |
Vulnerability, patch, and version management | 21 |
Secure access management | 22 |
Secure configuration | 23 |
Secure network configuration | 24 |
Data protection | 25 |
API protection | 26 |
Protective services | 27 |
Secure development | 28 |
Key, Secrets, and Certificate management | 29 |
Network security | 30 |
Resilience | 31 |
Monitoring | 32 |
Access control | 33 |
Passwordless authentication | 34 |
Root user access restrictions | 35 |
MFA enabled | 36 |
Sensitive API actions restricted | 37 |
Resource policy configuration | 38 |
API private access | 39 |
Resources not publicly accessible | 40 |
Resources within VPC | 41 |
Security group configuration | 42 |
Encryption of data at rest | 43 |
Encryption of data in transit | 44 |
Encryption of data at rest and in transit | 45 |
Data integrity | 46 |
Data deletion protection | 47 |
Credentials not hardcoded | 48 |
Backups enabled | 49 |
High availability | 50 |
Service Section Mapping
Service Section | Index |
---|---|
Identity and Access Management | 00 |
Logging and Monitoring | 01 |
Networking & Content Delivery | 02 |
Compute | 03 |
Storage | 04 |
Analytics | 05 |
Databases | 06 |
Kubernetes Engine | 07 |
Containers | 08 |
Security & Compliance | 09 |
Cryptography & PKI | 10 |
Machine learning | 11 |
End User Computing | 12 |
Developer Tools | 13 |
Application Integration | 14 |
Dataproc | 15 |
App Engine | 16 |
AppService | 17 |
Microsoft Defender for Cloud | 18 |
Source Mapping
Source | Index |
---|---|
Azure Security Benchmark (V3) | 00 |
CIS Amazon Web Services Foundations Benchmark v1.2.0 | 01 |
CIS Amazon Web Services Foundations Benchmark v1.4.0 | 02 |
CIS Amazon Web Services Foundations Benchmark v1.5.0 | 03 |
CIS AWS Compute Services Benchmark v1.0.0 | 04 |
CIS AWS EKS Benchmark 1.1.0 | 05 |
CIS AWS End User Compute Services Benchmark v1.0.0 | 06 |
CIS Benchmark Google Cloud Platform Foundation v1.0.0 | 07 |
CIS Benchmark Google Cloud Platform Foundation v1.2.0 | 08 |
CIS Benchmark Google Cloud Platform Foundation v1.3.0 | 09 |
CIS Benchmark Google Cloud Platform Foundation v2.0.0 | 10 |
CIS Google Kubernetes Engine (GKE) Benchmark v1.3.0 | 11 |
CIS Google Kubernetes Engine (GKE) Benchmark v1.4.0 | 12 |
CIS Microsoft Azure Foundations Benchmark v1.4.0 | 13 |
CIS Microsoft Azure Foundations Benchmark v1.5.0 | 14 |
CIS Microsoft Azure Foundations Benchmark v2.0.0 | 15 |
CIS MySQL Enterprise Edition 8.0 Benchmark v1.2.0 | 16 |
CIS Oracle Database 19 Benchmark v1.0.0 | 17 |
CIS Oracle MySQL Community Server 5.7 Benchmark v2.0.0 | 18 |
CIS PostgreSQL 11 Benchmark 1.0.0 | 19 |
EPAM | 20 |
NIST SP 800-53 Rev. 5 | 21 |
PCI DSS | 22 |
Customization | Index |
---|---|
Present | 1 |
Absent | 0 |
Multiregional | Index |
---|---|
Present | 1 |
Absent | 0 |