A compliance package is a set of rules that are predefined by Cloud Config based on a specific compliance scenario. You can create a compliance package based on a compliance package template, managed rules, and custom rules that are created. After you create a compliance package, you can view the compliance evaluation results of associated resources based on the specified account and rule.

Background information

By default, Cloud Config provides 12 compliance package templates. For more information, see Overview

After you create a compliance package, the managed rules that are specified in the compliance package are automatically created on the Rules page. You can modify, delete, enable, or disable the managed rules.

Before you use a compliance package, take note of the following limits:
  • If you use an ordinary account, you can create a maximum of five compliance packages.
  • If you use a management account, you can create a maximum of five compliance packages for the current account or each account group.

Ordinary accounts

If you use an ordinary account, you can create compliance packages for the current account.

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Compliance Package.
  3. On the Compliance Package page, click Enable Compliance Package in the upper-right corner.
  4. In the Basic Information step, specify a name and a risk level for the compliance package. Then, click Next.
  5. In the Select a rule step, select Compliance Package Template, Rules, or Managed rule from the drop-down list. Then, select one or more rules from the rule list. If you select Compliance Package Template, select a compliance package template from the drop-down list that appears. Then, click Next.
  6. In the Rule Settings step, configure the Rule Name, Risk Level, and Description parameters for each rule, and then click Finish.

Use a management account

If you use a management account, you can create compliance packages for the current account and all member accounts in the specified account group.

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Compliance Package.
  3. On the Compliance Package page, click the tab of the account group for which you want to create a compliance package.
  4. On the account group tab, click Enable Compliance Package in the upper-right corner.
  5. In the Basic Information step, specify a name and a risk level for the compliance package. Then, click Next.
  6. In the Select a rule step, select Compliance Package Template, Rules, or Managed rule from the drop-down list. Then, select one or more rules from the rule list. If you select Compliance Package Template, select a compliance package template from the drop-down list that appears. Then, click Next.
  7. In the Rule Settings step, configure the Rule Name, Risk Level, and Description parameters for each rule, and then click Finish.