Controls

A control is a specific compliance requirement or a best practice defined in YAML.

Each control is uniquely identified by ID, scoped to specific integrations, and includes metadata, queries, severity levels, and tags. Controls can utilize variables making them flexible and reusable across environments.

The open source version already comes with 2000+ Controls for AWS & Azure users.

Key Features of Controls

• Reusable: Controls can be referenced multiple times by their ID within a single framework or across multiple frameworks. This reusability reduces redundancy and ensures consistency in compliance checks throughout different parts of the organization.

• Powerful: Queries within controls can assess complex scenarios across multiple accounts, projects, regions, or vendors. This flexibility allows controls to be applied in diverse environments and use cases, supporting a unified compliance strategy across various platforms.

• Configurable: Customize thresholds or configurations within controls using variables (e.g., awsIamAccessKeyAge). This enables alignment with organizational policies by allowing different settings—such as key rotation periods—to be adjusted without altering the control's core logic.