Compliance Policies

TotalCloud continuously discovers resources and ensures they are compliant in relation to the respective Benchmark & Best Practices policy provided out-of-the-box.

A policy is a collection of controls used to measure and report compliance for a set of resources. Your compliance reports will show you resource compliance status (pass or fail) with the policy controls. You could use the policies we provide to build your own policy. Learn more

Controls are the building blocks of the policies used to measure and report compliance for a set of hosts. We provide many controls for you to choose from, and you can customize them too. Learn more

The Policies tab lists the policies we currently support.

Cloud Provider	Policy Name	Service Coverage
AWS	CIS Amazon Web Services Foundations Benchmark - v5.0.0	Identity and Access Management Storage Simple Storage Service (S3) Elastic Compute Cloud (EC2) Relational Database Service (RDS) Elastic File System (EFS) Logging Monitoring Networking
	AWS Best Practices Policy	Identity and Access Management: Identity and Access Management (IAM) Storage: Simple Storage Service (S3) Elastic File System (EFS) S3 Glacier AWS Backup Data Sync Security and Encryption: Key Management Service (KMS) Secrets Manager AWS Certificate Manager (ACM) AWS Backup Compute: Elastic Compute Cloud (EC2) ElasticCache Workspace EMR API Gateway SageMaker Elastic Container Service (ECS) Code Build App Mesh Networking: Virtual Private Cloud (VPC) Route53 Kinesis Amazon MSK Amazon MQ CloudFront Amazon Workspaces AWS Direct Connect Messaging and Notification: Simple Notification Service (SNS) Simple Queue Service (SQS) Monitoring and Management: AWS Config CloudWatch CloudTrail AWS CloudFormation AWS Backup Analytics and Database: Athena Amazon Glue Database Migration Service (DMS) File and Content Delivery: CloudFront Transfer Family Directory and Authentication: Microsoft AD Directory
	AWS Lambda Best Practices Policy	Lambda Function
	AWS Identity Access Management Best Practices Policy	IAM Users IAM Groups IAM Policy IAM Roles
	AWS Database Service Best Practices	RDS Redshift DocumentDB NeptuneDB Quantum Ledger DB DynamoDB
Azure	CIS Microsoft Azure Foundations Benchmark - v4.0.0	Identity and Access Management Microsoft Defender Storage Accounts Database Services SQL Server - Auditing SQL Server – Microsoft Defender for SQL PostgreSQL Database Server MySQL Database Cosmos DB Logging and Monitoring Networking Virtual Machines Key Vault AppService
	CIS Microsoft Azure Database Services Benchmark v1.0.0	Azure Cache for Redis Azure Cosmos DB Azure Database for MySQL Azure Database for PostgreSQL Azure SQL Database
	CIS Microsoft Azure Storage Services Benchmark v1.0.0	Azure Blob Storage Storage Accounts
	CIS Microsoft Azure Compute Services Benchmark v1.0.0	App Service Azure Container Instances Virtual Machines
	Azure Database Service Best Practices Policy	Azure SQL PostgreSQL Server MySQL Server MariaDB Server Cosmos DB
	Azure Best Practices Policy	Security and Compliance: Security Center Key Vault ISE (Azure Information Security and Compliance) WAF (Web Application Firewall) Azure CDN (Content Delivery Network) Azure Front Door Log Analytics Workspace Cost Management Health Data Services Compute: Virtual Machine Kubernetes Service Container Registry Container Instances VM Scale Sets HD Insight Azure Spring Cloud Azure Batch Storage: Disk Snapshot Storage Account Storage Sync Services Data Lake Storage Data Lake Analytics Networking: Virtual Networks Application Gateways Network Interface Virtual WAN Azure CDN (Content Delivery Network) Azure Front Door Monitoring and Management: Monitor Log Analytics Workspace Application Insights Data and Analytics: Azure Synapse Analytics Azure Data Explorer Data Factory Event and Messaging: Disk Accesses Event Hubs Service Bus Event Grid Identity and Access Management (IAM) and Administration: IAM & Admin (Azure RBAC) Azure Automation DPS (Data Protection Services) AI and Cognitive Services: Cognitive Services IoT and Edge Services: Azure IOT Hub Integration and API Management Logic Apps API Management
	Azure Function App Best Practices Policy	App Service Function App Web App
GCP	CIS Google Cloud Platform Foundation Benchmark - v3.0.0	Identity and Access Management Logging and Monitoring Networking Virtual Machines Storage Cloud SQL Database Services MYSQL Database PostgreSQL Database SQL Server BigQuery
	GCP Cloud Functions Best Practices Policy	Cloud Functions
	GCP Best Practices Policy	Storage Cloud Storage Networking VPC Network Messaging PubSub Identity and Access Management IAM & Admin Compute Compute Engine
	GCP Cloud SQL Best Practices Policy	PostgreSQL MySQL
	GCP Kubernetes Engine Best Practices Policy	Kubernetes Engine Kubernetes Cluster Kubernetes Cluster Node
OCI	CIS Oracle Cloud Infrastructure Foundation Benchmark - v3.0.0	Identity and Access Management Networking Logging and Monitoring Storage Object Storage Block Volumes File Storage Service
OCI	OCI Best Practices Policy	Compute Storage IAM

Last updated: October, 2025