CloudWiki

The Federal Risk and Authorization Management Program (FedRAMP) is a government-wide program that promotes the adoption of secure cloud services across the federal government by providing a standardized approach to security and risk assessment for cloud technologies and federal agencies. FedRAMP standardizes security requirements for the authorization and ongoing cybersecurity of cloud services in accordance with FISMA , OMB Circular A-130 , and FedRAMP policy.

Compliance checks for Amazon Web Services

Warning
Ensure IAM Role has no inline policy
Warning
Ensure that S3 Buckets are configured with "Block public access"
Warning
Ensure IAM Group has no inline policy
Warning
Ensure IAM User has no inline policy
Critical
Ensure all IAM users with console access have MFA enabled