16 December 2020 - Rule Update Notice

Support for AWS Well-Architected Tool

Announced at this year’s AWS re Invent virtual conference, Conformity now supports the AWS Well-Architected tool to help companies accelerate innovation while achieving compliance through enhanced cloud security posture management.

We have released the following two Rules to get you started with the tool. For more information, see our online help.

Custom Policy Updates

The custom policy has been updated to version 1.22 as a result of the new deployment. You’ll need to update your custom policy to the latest version. The permissions added include:

1. wellarchitected:ListWorkloads
2. wellarchitected:GetWorkload

The following new rules are only available when you update to the new custom policy version.

New Rules

1. WellArchitected-001: AWS Well-Architected tool is in use
   This rule checks if you're currently using the AWS Well-Architected Tool to review your cloud workloads against AWS best practices and get guidance on how to make them more secure, reliable, efficient, and cost-effective.
2. WellArchitected-002: AWS Well-Architected workload findings
   This rule highlights the medium and high-level risks identified in a workload by the AWS Well-Architected Tool so that they can be audited and resolved.

Further Resources:

• Companies Leveraging AWS Well-Architected Reviews Now Benefit from Security Innovations from Trend Micro
• New APIs Enable AWS Partners to Scale Well-Architected Principles Across Teams and Systems