View IaC+ and cloud compliance reporting
Release status Snyk IaC+ is now in closed beta and is no longer accepting new customers for participation. See Getting started with current IaC for details about the functionality available.
Overview of compliance reporting
Snyk IaC supports compliance reporting and cloud issue triage for compliance standards and controls relevant to cloud services. With this information, developers can fix issues to bring cloud environments into compliance, and auditors can see appropriate evidence.
To learn how to view the compliance report, see Cloud Compliance Issues Report.
To learn how to triage cloud issues by filtering them according to compliance standards and controls, see Filter issues.
See Key concepts for definitions of compliance standards and controls, security rules, and more.
Supported compliance standards
| Compliance standard | Status |
|---|---|
AWS Well Architected (2020-07-02) | Generally available |
CSA Cloud Controls Matrix (v3.0.1) | Generally available |
CSA Cloud Controls Matrix (v4.0.5) | Beta |
CIS Kubernetes Benchmark (v1.6.1) | Generally available |
CIS AWS Benchmark (v1.2.0) | Generally available |
CIS AWS Benchmark (v1.3.0) | Generally available |
CIS AWS Benchmark (v1.4.0) | Generally available |
CIS AWS Benchmark (v1.5.0) | Generally available |
CIS AWS Benchmark (v2.0.0) | Generally available |
CIS Google Cloud Benchmark (v1.1.0) | Generally available |
CIS Google Cloud Benchmark (v1.2.0) | Generally available |
CIS Google Cloud Benchmark (v1.3.0) | Generally available |
CIS Azure Benchmark (v1.1.0) | Generally available |
CIS Azure Benchmark (v1.3.0) | Generally available |
CIS Azure Benchmark (v1.4.0) | Generally available |
CIS Controls (v7.1) | Generally available |
CIS Controls (v8.0) | Beta |
GDPR (2016) | Generally available |
HIPAA (2013) | Generally available |
ISO/IEC 27001 (2013) | Generally available |
NIST SP 800-53 (Rev4) | Generally available |
PCI DSS (v3.2.1) | Generally available |
SOC 2 (2017) | Generally available |
Last updated