200+ checks covering industry defined security best practices for Azure. Includes full support for CIS v1.3
, HIPAA HITRUST 9.2
and NIST SP 800-53
compliance benchmarks across all your Azure subscriptions.
Includes full support for the CIS v1.3 Azure Benchmarks:
Includes support for:
-
Download and install Steampipe (https://steampipe.io/downloads).
-
Install the Azure and the Azure Active Directory plugins with Steampipe:
steampipe plugin install azure
steampipe plugin install azuread
- Configure your Azure CLI credentials
az login
- Clone this repo:
git clone https://github.com/turbot/steampipe-mod-azure-compliance.git
cd steampipe-mod-azure-compliance
- Run all the benchmarks:
steampipe check all
Run an individual benchmark:
steampipe check benchmark.cis_v130_6
View all controls in this mod:
steampipe query "select resource_name from steampipe_control;"
Run a specific control:
steampipe check control.cis_v130_4_3_5
If you have an idea for additional compliance controls, or just want to help maintain and extend this mod (or others) we would love you to join the community and start contributing. (Even if you just want to help with the docs.)
Please see the contribution guidelines and our code of conduct. All contributions are subject to the Apache 2.0 open source license.
help wanted
issues: