Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CIS compliance missing in Azure & GCP plugins. #812

Open
tusharMathurImpetus opened this issue Jul 20, 2021 · 5 comments · May be fixed by #1512
Open

CIS compliance missing in Azure & GCP plugins. #812

tusharMathurImpetus opened this issue Jul 20, 2021 · 5 comments · May be fixed by #1512

Comments

@tusharMathurImpetus
Copy link

tusharMathurImpetus commented Jul 20, 2021
edited
Loading

Whenever I try to run the report for Azure Cloud using CIS compliance, I get the error as Nothing to collect as there is no compliance object there for CIS benchmark unlike for HIPAA and PCI.
Please do let me know if there is going to be any update on this.
@TjebbeVQ
Copy link

TjebbeVQ commented Sep 6, 2021

I second this. Both CIS1 and CIS2 don't seem to have CIS compliance plugins. When could we expect an update on this?

@octopop
Copy link

octopop commented Oct 31, 2021

I do not think there will be an update on this given the paid product has all these features and compliance mapping to each plugin. It is unfortunate and contrary because Aqua claims that they do not limit the OSS version -- as published here on their website:

Scan Without Limits
All of CloudSploit's core scanning engine has been open sourced. We do not limit the services, plugins, or scanning features exposed via our open source tools.

@jessequinn
Copy link

any update from Aquasecurity here?

@hi-artem
Copy link

hi-artem commented Dec 7, 2022
edited
Loading

Any comments from Aqua engineers/product team?

@hi-artem
Copy link

Looks like this one is a duplicate #526

But it has a good explanation of what needs to be added to GCP plugins to make address the issue.

@hi-artem hi-artem linked a pull request Jan 4, 2023 that will close this issue
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

(feat) Add CIS Compliance Mapping for GCP Benchmark hi-artem/cloudsploit
5 participants
@jessequinn @TjebbeVQ @hi-artem @octopop @tusharMathurImpetus