Compliance Policies

TotalCloud continuously discovers resources and ensures resources are compliant in relation to respective Benchmark & Best Practices policy provided out-of box.

A policy is a collection of controls used to measure and report compliance for a set of resources. Your compliance reports will show you resource compliance status (pass or fail) with the policy controls. You could use the policies we provide of build your own policy. Learn more

Controls are the building blocks of the policies used to measure and report compliance for a set of hosts. We provide many controls for you to choose from and you can customize them too. Learn more

The Policies tab lists the policies we currently support.

Cloud Provider

Policy Name

Service Coverage



CIS Amazon Web Services Foundations Benchmark

(v2.0.0 - 06-28-2023)

Identity and Access Management (IAM)
AWS Config
AWS CloudTrail
AWS CloudWatch
AWS Simple Notification Service (SNS)
AWS Simple Storage Service (S3)

AWS Best Practices Policy

Simple Storage Service (S3)
Relational Database Service (RDS)
Identity and Access Management (IAM)

AWS Lambda Best Practices Policy

Lambda Function

(Serverless Policies)

AWS Database Service Best Practices





CIS Microsoft Azure Foundations Benchmark

(v2.0.0 - 02-14-2023)

Security Centre
SQL Servers
Storage Account
Network Security Groups
Key Vault
Virtual Machines

Azure Database Service Best Practices Policy

SQL Database
SQL Server
MySQL Server
MariaDB Server
PostgreSQL Server

Azure Best Practises Policy

Security Centre
SQL Servers
Disk Snapshots

Azure Function App Best Practices Policy

App Service



CIS Google Cloud Platform Foundation Benchmark 

(v2.0.0 -12-30-2022

IAM and Admin
VPC StorageNetwork
Kubernetes Engine

GCP Cloud Functions Best Practices Policy


Cloud Functions

GCP Best Practices Policy

Kubernetes Engine

GCP Cloud SQL Best Practices Policy


GCP Kubernetes Engine Best Practices Policy

Kubernetes Engine



CIS Oracle Cloud Infrastructure Foundation Benchmark

(v2.0.0 - 29-12-2023)


Bucket (Object Storage)
Identity and Access Management (IAM)
OCI VCN (Virtual Cloud Network)

OCI Best Practices Policy


Bucket (Object Storage)

Identity and Access Management (IAM)