Once you integrate your AWS accounts with Comply, Comply will display the AWS resources, such as IAM users, IAM groups, EC2 instances, S3 buckets, and RDS instances owned by that AWS account. Comply gives you visibility into your AWS resources and simplifies the process of identifying your asset inventory by automatically updating and tagging "Service Accounts", "Groups", "Compute", and "Storage" asset groups in Comply.
Comply makes it easy to stay on top of your governance and compliance processes through automated asset-based procedures. You can configure procedures in Comply to automatically trigger tickets whenever it detects a new or an inactive asset. For example, Comply can automatically trigger a ticket with your data deletion procedure to ensure data is deleted from backups and snapshots within 60 days when it detects that an RDS instance has been deactivated in your AWS account.
Comply will scan your services such as IAM, EC2, S3, and RDS to ensure that a wide range of security measures are correctly implemented (see the Automations table below for the full scope of what evidence is automatically collected).
When a Comply scan identifies something that's against common security practices, the Automation will create an issue. These issues can be automatically tracked and have reminders to help expedite remediation.
When an issue is automatically identified and logged in Comply the resolution of that issue is automated by re-syncing. Simply fix the issue at the source and when the assets are synced to Comply again the issue will be resolved and removed.