PyPI - aws-cis-controls-assessment - Versions diffs - 1.0.7__tar.gz → 1.0.9__tar.gz - Mend

aws-cis-controls-assessment 1.0.7tar.gz → 1.0.9tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (90) hide show

{aws_cis_controls_assessment-1.0.7/aws_cis_controls_assessment.egg-info → aws_cis_controls_assessment-1.0.9}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: aws-cis-controls-assessment
-Version: 1.0.7
+Version: 1.0.9
 Summary: Production-ready AWS CIS Controls compliance assessment framework with 145 comprehensive rules
 Author-email: AWS CIS Assessment Team <security@example.com>
 Maintainer-email: AWS CIS Assessment Team <security@example.com>
@@ -64,6 +64,7 @@ A production-ready, enterprise-grade framework for evaluating AWS account config
 ## 🎯 Key Features
 - **✅ Complete Coverage**: 131/131 CIS Controls rules implemented (100% coverage)
+- **✅ Dual Scoring System**: Both weighted and AWS Config-style scoring methodologies
 - **✅ Enterprise Ready**: Production-tested with enterprise-grade architecture
 - **✅ Performance Optimized**: Handles large-scale assessments efficiently
 - **✅ Multi-Format Reports**: JSON, HTML, and CSV with detailed remediation guidance
@@ -208,12 +209,16 @@ aws-cis-assess assess --output-format json
 - **[Installation Guide](docs/installation.md)**: Detailed installation instructions and requirements
 - **[User Guide](docs/user-guide.md)**: Comprehensive user manual and best practices
 - **[CLI Reference](docs/cli-reference.md)**: Complete command-line interface documentation
+- **[Dual Scoring Guide](docs/dual-scoring-implementation.md)**: Weighted vs AWS Config scoring methodologies
+- **[Scoring Methodology](docs/scoring-methodology.md)**: Detailed explanation of weighted scoring
+- **[AWS Config Comparison](docs/scoring-comparison-aws-config.md)**: Comparison with AWS Config approach
 - **[Troubleshooting Guide](docs/troubleshooting.md)**: Common issues and solutions
 - **[Developer Guide](docs/developer-guide.md)**: Development and contribution guidelines
 ### Technical Documentation
 - **[Assessment Logic](docs/assessment-logic.md)**: How compliance assessments work
 - **[Config Rule Mappings](docs/config-rule-mappings.md)**: CIS Controls to AWS Config rule mappings
+- **[HTML Report Improvements](docs/html-report-improvements.md)**: Enhanced HTML report features and customization
 ## 🤝 Support & Community

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/README.md RENAMED Viewed

@@ -7,6 +7,7 @@ A production-ready, enterprise-grade framework for evaluating AWS account config
 ## 🎯 Key Features
 - **✅ Complete Coverage**: 131/131 CIS Controls rules implemented (100% coverage)
+- **✅ Dual Scoring System**: Both weighted and AWS Config-style scoring methodologies
 - **✅ Enterprise Ready**: Production-tested with enterprise-grade architecture
 - **✅ Performance Optimized**: Handles large-scale assessments efficiently
 - **✅ Multi-Format Reports**: JSON, HTML, and CSV with detailed remediation guidance
@@ -151,12 +152,16 @@ aws-cis-assess assess --output-format json
 - **[Installation Guide](docs/installation.md)**: Detailed installation instructions and requirements
 - **[User Guide](docs/user-guide.md)**: Comprehensive user manual and best practices
 - **[CLI Reference](docs/cli-reference.md)**: Complete command-line interface documentation
+- **[Dual Scoring Guide](docs/dual-scoring-implementation.md)**: Weighted vs AWS Config scoring methodologies
+- **[Scoring Methodology](docs/scoring-methodology.md)**: Detailed explanation of weighted scoring
+- **[AWS Config Comparison](docs/scoring-comparison-aws-config.md)**: Comparison with AWS Config approach
 - **[Troubleshooting Guide](docs/troubleshooting.md)**: Common issues and solutions
 - **[Developer Guide](docs/developer-guide.md)**: Development and contribution guidelines
 ### Technical Documentation
 - **[Assessment Logic](docs/assessment-logic.md)**: How compliance assessments work
 - **[Config Rule Mappings](docs/config-rule-mappings.md)**: CIS Controls to AWS Config rule mappings
+- **[HTML Report Improvements](docs/html-report-improvements.md)**: Enhanced HTML report features and customization
 ## 🤝 Support & Community

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/__init__.py RENAMED Viewed

@@ -6,6 +6,6 @@ CIS Controls Implementation Groups (IG1, IG2, IG3). Implements 145 comprehensive
 across all implementation groups for complete security compliance assessment.
 """
-__version__ = "1.0.7"
+__version__ = "1.0.9"
 __author__ = "AWS CIS Assessment Team"
 __description__ = "Production-ready AWS CIS Controls Compliance Assessment Framework"

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/controls/ig1/control_advanced_security.py RENAMED Viewed

@@ -68,8 +68,8 @@ class EC2ManagedInstanceAssociationComplianceStatusCheckAssessment(BaseConfigRul
                                 # Get association compliance status
                                 try:
                                     compliance_response = ssm_client.list_compliance_items(
-                                        ResourceId=instance_id,
-                                        ResourceType='ManagedInstance'
+                                        ResourceIds=[instance_id],
+                                        ResourceTypes=['ManagedInstance']
                                     )
                                     compliance_items = compliance_response.get('ComplianceItems', [])

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/core/assessment_engine.py RENAMED Viewed

@@ -702,12 +702,16 @@ class AssessmentEngine:
             # Calculate overall score using scoring engine
             overall_score = self.scoring_engine.calculate_overall_score(ig_scores)
+            # Calculate AWS Config-style unweighted score
+            aws_config_score = self.scoring_engine.calculate_aws_config_style_score(ig_scores)
             # Create final assessment result
             assessment_result = AssessmentResult(
                 account_id=account_id,
                 regions_assessed=self.aws_factory.regions.copy(),
                 timestamp=datetime.now(),
                 overall_score=overall_score,
+                aws_config_score=aws_config_score,  # Add AWS Config score
                 ig_scores=ig_scores,
                 total_resources_evaluated=len(all_results),
                 assessment_duration=self.progress.elapsed_time

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/core/models.py RENAMED Viewed

@@ -126,6 +126,7 @@ class AssessmentResult:
     regions_assessed: List[str]
     timestamp: datetime
     overall_score: float
+    aws_config_score: float = 0.0  # AWS Config Conformance Pack style score
     ig_scores: Dict[str, IGScore] = field(default_factory=dict)
     total_resources_evaluated: int = 0
     assessment_duration: Optional[timedelta] = None

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/core/scoring_engine.py RENAMED Viewed

@@ -47,6 +47,36 @@ class ScoringEngine:
         logger.info("ScoringEngine initialized with control and IG weights")
+    def calculate_aws_config_style_score(self, ig_scores: Dict[str, IGScore]) -> float:
+        """Calculate compliance score using AWS Config Conformance Pack approach.
+        This is a simple unweighted calculation:
+        Score = Total Compliant Resources / Total Resources
+        Args:
+            ig_scores: Dictionary of IG scores
+        Returns:
+            Unweighted compliance percentage (0-100)
+        """
+        total_compliant = 0
+        total_resources = 0
+        # Sum all compliant and total resources across all IGs and controls
+        for ig_score in ig_scores.values():
+            for control_score in ig_score.control_scores.values():
+                total_compliant += control_score.compliant_resources
+                total_resources += control_score.total_resources
+        if total_resources > 0:
+            aws_config_score = (total_compliant / total_resources) * 100
+        else:
+            aws_config_score = 0.0
+        logger.info(f"AWS Config style score: {aws_config_score:.1f}% "
+                   f"({total_compliant}/{total_resources} resources compliant)")
+        return aws_config_score
     def calculate_control_score(self, control_id: str, rule_results: List[ComplianceResult],
                               control_title: str = "", implementation_group: str = "") -> ControlScore:
         """Calculate compliance score for individual CIS Control.

{aws_cis_controls_assessment-1.0.7 → aws_cis_controls_assessment-1.0.9}/aws_cis_assessment/reporters/base_reporter.py RENAMED Viewed

@@ -110,6 +110,8 @@ class ReportGenerator(ABC):
             },
             'executive_summary': {
                 'overall_compliance_percentage': compliance_summary.overall_compliance_percentage,
+                'aws_config_style_score': assessment_result.aws_config_score,  # Add AWS Config score
+                'score_difference': compliance_summary.overall_compliance_percentage - assessment_result.aws_config_score,  # Show difference
                 'ig1_compliance_percentage': compliance_summary.ig1_compliance_percentage,
                 'ig2_compliance_percentage': compliance_summary.ig2_compliance_percentage,
                 'ig3_compliance_percentage': compliance_summary.ig3_compliance_percentage,

aws-cis-controls-assessment 1.0.7__tar.gz → 1.0.9__tar.gz

aws-cis-controls-assessment 1.0.7tar.gz → 1.0.9tar.gz