Open
Labels: bug (Something isn't working)
Description
What is the problem?
There are significant differences between this repo’s NIST 800-53 Rev.5 mapping file and the AWS Config documentation table. This affects rule presence and control mappings.
- Rule counts:
  - Present in both: 77
  - Only in AWS Doc: 49
  - Only in GitHub: 5
  - Naming variation cases: 2 (e.g., “cloud_trail” in GitHub vs “cloudtrail” in Doc; likely rule name vs identifier — https://docs.aws.amazon.com/ja_jp/config/latest/developerguide/cloudtrail-enabled.html)
- Mapping differences:
  - GitHub generally has more mappings per rule and one-level deeper granularity (e.g., SC-7(4)(b) vs SC-7(4)).
- Data quality note:
  - Duplicate control ID associated with a single rule in the GitHub JSON (lines 36 and 37).
References:
- GitHub JSON: https://github.com/aws-cloudformation/aws-guard-rules-registry/blob/main/mappings/rule_set_nist800_53rev5.json
- AWS Doc table: https://docs.aws.amazon.com/config/latest/developerguide/operational-best-practices-for-nist-800-53_rev_5.html
Reproduction Steps
- Open the GitHub JSON and the AWS Doc table (links above).
- Compare rule presence across both sources.
- For each rule, compare the sets of mapped control IDs.
- Example to verify: alb-http-to-https-redirection-check
  - Common: AC-17(2), SC-8, SC-8(1), SC-8(2), SC-23
  - Only in AWS Doc: IA-5(1), SC-12(3), SC-13, SC-23(3), SC-7(4), SI-7(6)
  - Only in GitHub: AC-4, AC-4(22), AC-24(1), AU-9(3), CA-9b, IA-5(1)(c), PM-17b, SC-7(4)(b), SC-7(4)(g), SC-8(3), SC-8(4), SC-8(5), SC-13a, SI-1a.2, SI-1c.2
What did you expect to happen?
The GitHub mapping file and the AWS Doc table should align, or intentional differences (including mapping granularity like SC-7(4) vs SC-7(4)(b)) should be documented. No duplicate control IDs should be associated with a single rule.
What actually happened?
Rule presence and mapped control IDs differ between sources. GitHub tends to include more and deeper-granularity mappings. A duplicate control ID appears in the GitHub JSON (lines 36–37).
CloudFormation Guard Version
N/A
OS
N/A
OS Version
No response
Other information
No response
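The comparison described in the reproduction steps can be automated. The script below is an added example, not code from the issue author or the aws-guard-rules-registry project: it assumes both sources have already been parsed into a simplified `{rule_name: [control_id, ...]}` dict (the real JSON file and doc table each need their own parser first). The control IDs for `alb-http-to-https-redirection-check` are the ones quoted in the issue; the other rules, including the duplicate, are constructed to exercise the naming-variation and duplicate-ID checks. It goes slightly beyond the issue by also flagging which "only in GitHub" IDs are merely finer-grained parts of an ID the doc already lists (e.g., SC-7(4)(b) under SC-7(4)).

```python
"""Compare two NIST 800-53 Rev.5 rule-to-control mappings (added example)."""
import re

# Constructed sample data. alb-http-to-https-redirection-check carries the
# IDs quoted in the issue; the remaining rules are illustrative only.
GITHUB_MAPPING = {
    "alb-http-to-https-redirection-check": [
        "AC-17(2)", "SC-8", "SC-8(1)", "SC-8(2)", "SC-23",
        "AC-4", "AC-4(22)", "AC-24(1)", "AU-9(3)", "CA-9b", "IA-5(1)(c)",
        "PM-17b", "SC-7(4)(b)", "SC-7(4)(g)", "SC-8(3)", "SC-8(4)", "SC-8(5)",
        "SC-13a", "SI-1a.2", "SI-1c.2",
    ],
    "cloud_trail_enabled": ["AU-2", "AU-12"],            # constructed naming variant
    "example-duplicate-rule": ["AC-2", "AC-2", "AC-3"],  # constructed duplicate ID
}

DOC_MAPPING = {
    "alb-http-to-https-redirection-check": [
        "AC-17(2)", "SC-8", "SC-8(1)", "SC-8(2)", "SC-23",
        "IA-5(1)", "SC-12(3)", "SC-13", "SC-23(3)", "SC-7(4)", "SI-7(6)",
    ],
    "cloudtrail-enabled": ["AU-2", "AU-12"],             # constructed naming variant
    "doc-only-rule": ["CM-2"],                           # constructed doc-only rule
}

# Control or enhancement ID ("SC-7(4)") followed by an optional part suffix ("(b)", "a.2").
_CONTROL_RE = re.compile(r"^([A-Z]{2}-\d+(?:\(\d+\))*)(.*)$")


def normalize_rule_name(name):
    """Collapse naming variations such as cloud_trail vs cloudtrail."""
    return re.sub(r"[-_]", "", name.lower())


def compare_rule_presence(github, doc):
    """Classify rules as present in both, only in doc, or only in GitHub.
    Names that match only after normalization are reported as variants."""
    gh_exact, doc_exact = set(github), set(doc)
    both = gh_exact & doc_exact
    gh_norm = {normalize_rule_name(r): r for r in gh_exact - both}
    doc_norm = {normalize_rule_name(r): r for r in doc_exact - both}
    variants = sorted((gh_norm[k], doc_norm[k]) for k in gh_norm.keys() & doc_norm.keys())
    matched_gh = {g for g, _ in variants}
    matched_doc = {d for _, d in variants}
    return {
        "both": sorted(both),
        "naming_variants": variants,
        "only_github": sorted(gh_exact - both - matched_gh),
        "only_doc": sorted(doc_exact - both - matched_doc),
    }


def diff_controls(rule, github, doc):
    """Set difference of mapped control IDs for one rule."""
    gh, dc = set(github.get(rule, [])), set(doc.get(rule, []))
    return {"common": sorted(gh & dc), "only_doc": sorted(dc - gh), "only_github": sorted(gh - dc)}


def find_duplicate_controls(mapping):
    """Rules whose control list names the same ID more than once."""
    dups = {}
    for rule, controls in mapping.items():
        seen, repeated = set(), set()
        for c in controls:
            if c in seen:
                repeated.add(c)
            seen.add(c)
        if repeated:
            dups[rule] = sorted(repeated)
    return dups


def split_control(control_id):
    """Split 'SC-7(4)(b)' into ('SC-7(4)', '(b)') and 'SI-1a.2' into ('SI-1', 'a.2')."""
    m = _CONTROL_RE.match(control_id)
    return (m.group(1), m.group(2)) if m else (control_id, "")


def granularity_only(rule, github, doc):
    """GitHub-only IDs that are just a finer part of an ID the doc lists for the rule."""
    doc_ids = set(doc.get(rule, []))
    result = {}
    for cid in diff_controls(rule, github, doc)["only_github"]:
        base, suffix = split_control(cid)
        if suffix and base in doc_ids:
            result[cid] = base
    return result


if __name__ == "__main__":
    print(compare_rule_presence(GITHUB_MAPPING, DOC_MAPPING))
    rule = "alb-http-to-https-redirection-check"
    print(diff_controls(rule, GITHUB_MAPPING, DOC_MAPPING))
    print("granularity-only:", granularity_only(rule, GITHUB_MAPPING, DOC_MAPPING))
    print("duplicates:", find_duplicate_controls(GITHUB_MAPPING))
```

With the quoted data, four of the fifteen GitHub-only IDs (SC-7(4)(b), SC-7(4)(g), IA-5(1)(c), SC-13a) resolve to finer parts of IDs the doc lists, so the remaining eleven are the substantive mapping differences worth documenting.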