Lifecycle managerProduct backup radarLifecycle insights for navigation links visualizationCognition360Control Map
ControlMap Logo

ControlMap + AWS

Automatically collect compliance evidence and continuously map it to frameworks to keep your clients compliant through integration of Control Map and AWS.

What is AWS?

Amazon Web Services (AWS) is a cloud computing platform offering a range of services related to computing, storage, databases, networking, security, machine learning, and more. They are provided on a metered, pay-as-you-go basis to help customers scale and optimize costs, while delivering reliable IT services.

Why integrate ControlMap + AWS?

Integrating ControlMap and AWS allows for automatic collection of evidence, mapping to frameworks, and continuous checks and updates.

Collection of evidence - Once you’ve connected AWS to ControlMap, the connection automatically starts collecting security and compliance evidence. This includes MFA configuration settings, password policies for IAM users, and more.

Mapping to frameworks - The collected evidence is then mapped to over 50 security and compliance frameworks, such as SOC 2, ISO 27001, HIPAA, FTC Safeguards, CIS Controls, CMMC, and other frameworks and security standards. Mapping the evidence automatically provides a detailed view of any gaps that need to be addressed.

Ongoing automatic updates - The ControlMap-AWS integration is not simply a one-time check. ControlMap can be configured to regularly scan the AWS environment on a daily (or weekly) basis to provide up-to-date evidence. This will update the evidence based on the current settings, ensuring that your team is aware of any configuration changes, new risks or gaps so you can take remedial action to maintain compliance.

Connecting ControlMap and AWS reduces hours of manual checks. It automatically retrieves, updates, and stores current evidence required for compliance frameworks so Your team can focus on maintaining and improving security.

What is collected?

ControlMap scans the AWS environment on a daily or a weekly basis for CIS best practices, such as MFA being used, backups being enabled on RDS instances, and databases being encrypted. More about the best practices can be found on the AWS-CIS website here.

How to integrate ControlMap + AWS?

ControlMap creates an IAM role with READ and LIST only permissions which it uses to connect to your environment and perform compliance checks. Once the role is successfully created, you’ll need to provide the URN of the role in ControlMap settings. For details, refer to the help center article here.

Ready to see how ControlMap helps you establish and manage an audit-ready Compliance as a Service program?

Book a demo now