mark Level 1 checks as such

checks/check11

@@ -11,6 +11,7 @@
 CHECK_ID_check11="1.1,1.01"
 CHECK_TITLE_check11="[check11] Avoid the use of the root account (Scored)"
 CHECK_SCORED_check11="SCORED"
+CHECK_TYPE_check11="LEVEL1"
 CHECK_ALTERNATE_check101="check11"
 
 check11(){

checks/check110

@@ -11,7 +11,8 @@
 CHECK_ID_check110="1.10"
 CHECK_TITLE_check110="[check110] Ensure IAM password policy prevents password reuse: 24 or greater (Scored)"
 CHECK_SCORED_check110="SCORED"
-CHECK_ALTERNATE_check110="check110" 
+CHECK_TYPE_check110="LEVEL1"
+CHECK_ALTERNATE_check110="check110"
 
 check110(){
   # "Ensure IAM password policy prevents password reuse: 24 or greater (Scored)"

checks/check111

@@ -11,6 +11,7 @@
 CHECK_ID_check111="1.11"
 CHECK_TITLE_check111="[check111] Ensure IAM password policy expires passwords within 90 days or less (Scored)"
 CHECK_SCORED_check111="SCORED"
+CHECK_TYPE_check111="LEVEL1"
 CHECK_ALTERNATE_check111="check111"
 
 check111(){

checks/check112

@@ -10,7 +10,8 @@
 
 CHECK_ID_check112="1.12"
 CHECK_TITLE_check112="[check112] Ensure no root account access key exists (Scored)"
-CHECK_SCORED_check112="SCORED" 
+CHECK_SCORED_check112="SCORED"
+CHECK_TYPE_check112="LEVEL1"
 CHECK_ALTERNATE_check112="check112"
 
 check112(){

checks/check113

@@ -11,7 +11,8 @@
 CHECK_ID_check113="1.13"
 CHECK_TITLE_check113="[check113] Ensure MFA is enabled for the root account (Scored)"
 CHECK_SCORED_check113="SCORED"
-CHECK_ALTERNATE_check113="check113" 
+CHECK_TYPE_check113="LEVEL1"
+CHECK_ALTERNATE_check113="check113"
 
 check113(){
   # "Ensure MFA is enabled for the root account (Scored)"

checks/check115

@@ -11,7 +11,8 @@
 CHECK_ID_check115="1.15"
 CHECK_TITLE_check115="[check115] Ensure security questions are registered in the AWS account (Not Scored)"
 CHECK_SCORED_check115="SCORED"
-CHECK_ALTERNATE_check115="check115" 
+CHECK_TYPE_check115="LEVEL1"
+CHECK_ALTERNATE_check115="check115"
 
 check115(){
   # "Ensure security questions are registered in the AWS account (Not Scored)"

checks/check116

@@ -11,7 +11,8 @@
 CHECK_ID_check116="1.16"
 CHECK_TITLE_check116="[check116] Ensure IAM policies are attached only to groups or roles (Scored)"
 CHECK_SCORED_check116="SCORED"
-CHECK_ALTERNATE_check116="check116" 
+CHECK_TYPE_check116="LEVEL1"
+CHECK_ALTERNATE_check116="check116"
 
 check116(){
   # "Ensure IAM policies are attached only to groups or roles (Scored)"

checks/check117

@@ -11,7 +11,8 @@
 CHECK_ID_check117="1.17"
 CHECK_TITLE_check117="[check117] Enable detailed billing (Scored)"
 CHECK_SCORED_check117="SCORED"
-CHECK_ALTERNATE_check117="check117" 
+CHECK_TYPE_check117="LEVEL1"
+CHECK_ALTERNATE_check117="check117"
 
 check117(){
   # "Enable detailed billing (Scored)"

checks/check118

@@ -11,7 +11,8 @@
 CHECK_ID_check118="1.18"
 CHECK_TITLE_check118="[check118] Ensure IAM Master and IAM Manager roles are active (Scored)"
 CHECK_SCORED_check118="SCORED"
-CHECK_ALTERNATE_check118="check118" 
+CHECK_TYPE_check118="LEVEL1"
+CHECK_ALTERNATE_check118="check118"
 
 check118(){
   # "Ensure IAM Master and IAM Manager roles are active (Scored)"

checks/check119

@@ -11,6 +11,7 @@
 CHECK_ID_check119="1.19"
 CHECK_TITLE_check119="[check119] Maintain current contact details (Scored)"
 CHECK_SCORED_check119="SCORED"
+CHECK_TYPE_check119="LEVEL1"
 CHECK_ALTERNATE_check119="check119"
 
 check119(){

checks/check12

@@ -11,6 +11,7 @@
 CHECK_ID_check12="1.2,1.02"
 CHECK_TITLE_check12="[check12] Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password (Scored)"
 CHECK_SCORED_check12="SCORED"
+CHECK_TYPE_check12="LEVEL1"
 CHECK_ALTERNATE_check102="check12"
 
 check12(){

checks/check120

@@ -11,7 +11,8 @@
 CHECK_ID_check120="1.20"
 CHECK_TITLE_check120="[check120] Ensure security contact information is registered (Scored)"
 CHECK_SCORED_check120="SCORED"
-CHECK_ALTERNATE_check120="check120" 
+CHECK_TYPE_check120="LEVEL1"
+CHECK_ALTERNATE_check120="check120"
 
 check120(){
   # "Ensure security contact information is registered (Scored)"

checks/check122

@@ -11,7 +11,8 @@
 CHECK_ID_check122="1.22"
 CHECK_TITLE_check122="[check122] Ensure a support role has been created to manage incidents with AWS Support (Scored)"
 CHECK_SCORED_check122="SCORED"
-CHECK_ALTERNATE_check122="check122" 
+CHECK_TYPE_check122="LEVEL1"
+CHECK_ALTERNATE_check122="check122"
 
 check122(){
   # "Ensure a support role has been created to manage incidents with AWS Support (Scored)"

checks/check123

@@ -10,7 +10,8 @@
 
 CHECK_ID_check123="1.23"
 CHECK_TITLE_check123="[check123] Do not setup access keys during initial user setup for all IAM users that have a console password (Not Scored)"
-CHECK_SCORED_check123="NOT_SCORED" 
+CHECK_SCORED_check123="NOT_SCORED"
+CHECK_TYPE_check123="LEVEL1"
 CHECK_ALTERNATE_check123="check123"
 
 check123(){

checks/check124

@@ -11,7 +11,8 @@
 CHECK_ID_check124="1.24"
 CHECK_TITLE_check124="[check124] Ensure IAM policies that allow full \"*:*\" administrative privileges are not created (Scored)"
 CHECK_SCORED_check124="SCORED"
-CHECK_ALTERNATE_check124="check124" 
+CHECK_TYPE_check124="LEVEL1"
+CHECK_ALTERNATE_check124="check124"
 
 check124(){
   # "Ensure IAM policies that allow full \"*:*\" administrative privileges are not created (Scored)"

checks/check13

@@ -11,6 +11,7 @@
 CHECK_ID_check13="1.3,1.03"
 CHECK_TITLE_check13="[check13] Ensure credentials unused for 90 days or greater are disabled (Scored)"
 CHECK_SCORED_check13="SCORED"
+CHECK_TYPE_check13="LEVEL1"
 CHECK_ALTERNATE_check103="check13"
 
 check13(){

checks/check14

@@ -11,6 +11,7 @@
 CHECK_ID_check14="1.4,1.04"
 CHECK_TITLE_check14="[check14] Ensure access keys are rotated every 90 days or less (Scored)"
 CHECK_SCORED_check14="SCORED"
+CHECK_TYPE_check14="LEVEL1"
 CHECK_ALTERNATE_check104="check14"
 
 check14(){

checks/check15

@@ -11,7 +11,8 @@
 CHECK_ID_check15="1.5,1.05"
 CHECK_TITLE_check15="[check15] Ensure IAM password policy requires at least one uppercase letter (Scored)"
 CHECK_SCORED_check15="SCORED"
-CHECK_ALTERNATE_check105="check15" 
+CHECK_TYPE_check15="LEVEL1"
+CHECK_ALTERNATE_check105="check15"
 
 check15(){
   # "Ensure IAM password policy requires at least one uppercase letter (Scored)"

checks/check16

@@ -11,6 +11,7 @@
 CHECK_ID_check16="1.6,1.06"
 CHECK_TITLE_check16="[check16] Ensure IAM password policy require at least one lowercase letter (Scored)"
 CHECK_SCORED_check16="SCORED"
+CHECK_TYPE_check16="LEVEL1"
 CHECK_ALTERNATE_check106="check16"
 
 check16(){

checks/check17

@@ -11,6 +11,7 @@
 CHECK_ID_check17="1.7,1.07"
 CHECK_TITLE_check17="[check17] Ensure IAM password policy require at least one symbol (Scored)"
 CHECK_SCORED_check17="SCORED"
+CHECK_TYPE_check17="LEVEL1"
 CHECK_ALTERNATE_check107="check17"
 
 check17(){

checks/check18

@@ -11,6 +11,7 @@
 CHECK_ID_check18="1.8,1.08"
 CHECK_TITLE_check18="[check18] Ensure IAM password policy require at least one number (Scored)"
 CHECK_SCORED_check18="SCORED"
+CHECK_TYPE_check19="LEVEL1"
 CHECK_ALTERNATE_check18="check18"
 
 check18(){

checks/check19

@@ -11,7 +11,8 @@
 CHECK_ID_check19="1.9,1.09"
 CHECK_TITLE_check19="[check19] Ensure IAM password policy requires minimum length of 14 or greater (Scored)"
 CHECK_SCORED_check19="SCORED"
-CHECK_ALTERNATE_check109="check19" 
+CHECK_TYPE_check19="LEVEL1"
+CHECK_ALTERNATE_check109="check19"
 
 check19(){
   # "Ensure IAM password policy requires minimum length of 14 or greater (Scored)"

checks/check21

@@ -11,7 +11,8 @@
 CHECK_ID_check21="2.1,2.01"
 CHECK_TITLE_check21="[check21] Ensure CloudTrail is enabled in all regions (Scored)"
 CHECK_SCORED_check21="SCORED"
-CHECK_ALTERNATE_check201="check21" 
+CHECK_TYPE_check21="LEVEL1"
+CHECK_ALTERNATE_check201="check21"
 
 check21(){
   # "Ensure CloudTrail is enabled in all regions (Scored)"

checks/check23

@@ -11,7 +11,8 @@
 CHECK_ID_check23="2.3,2.03"
 CHECK_TITLE_check23="[check23] Ensure the S3 bucket CloudTrail logs to is not publicly accessible (Scored)"
 CHECK_SCORED_check23="SCORED"
-CHECK_ALTERNATE_check203="check23" 
+CHECK_TYPE_check23="LEVEL1"
+CHECK_ALTERNATE_check203="check23"
 
 check23(){
   # "Ensure the S3 bucket CloudTrail logs to is not publicly accessible (Scored)"

checks/check24

@@ -11,7 +11,8 @@
 CHECK_ID_check24="2.4,2.04"
 CHECK_TITLE_check24="[check24] Ensure CloudTrail trails are integrated with CloudWatch Logs (Scored)"
 CHECK_SCORED_check24="SCORED"
-CHECK_ALTERNATE_check204="check24" 
+CHECK_TYPE_check24="LEVEL1"
+CHECK_ALTERNATE_check204="check24"
 
 check24(){
   # "Ensure CloudTrail trails are integrated with CloudWatch Logs (Scored)"

checks/check25

@@ -11,7 +11,8 @@
 CHECK_ID_check25="2.5,2.05"
 CHECK_TITLE_check25="[check25] Ensure AWS Config is enabled in all regions (Scored)"
 CHECK_SCORED_check25="SCORED"
-CHECK_ALTERNATE_check205="check25" 
+CHECK_TYPE_check25="LEVEL1"
+CHECK_ALTERNATE_check205="check25"
 
 check25(){
   # "Ensure AWS Config is enabled in all regions (Scored)"

checks/check26

@@ -11,7 +11,8 @@
 CHECK_ID_check26="2.6,2.06"
 CHECK_TITLE_check26="[check26] Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket (Scored)"
 CHECK_SCORED_check26="SCORED"
-CHECK_ALTERNATE_check206="check26" 
+CHECK_TYPE_check26="LEVEL1"
+CHECK_ALTERNATE_check206="check26"
 
 check26(){
   # "Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket (Scored)"

checks/check31

@@ -11,7 +11,8 @@
 CHECK_ID_check31="3.1,3.01"
 CHECK_TITLE_check31="[check31] Ensure a log metric filter and alarm exist for unauthorized API calls (Scored)"
 CHECK_SCORED_check31="SCORED"
-CHECK_ALTERNATE_check301="check31" 
+CHECK_TYPE_check31="LEVEL1"
+CHECK_ALTERNATE_check301="check31"
 
 check31(){
   # "Ensure a log metric filter and alarm exist for unauthorized API calls (Scored)"

checks/check312

@@ -10,7 +10,8 @@
 
 CHECK_ID_check312="3.12"
 CHECK_TITLE_check312="[check312] Ensure a log metric filter and alarm exist for changes to network gateways (Scored)"
-CHECK_SCORED_check312="SCORED" 
+CHECK_SCORED_check312="SCORED"
+CHECK_TYPE_check312="LEVEL1"
 CHECK_ALTERNATE_check312="check312"
 
 check312(){

checks/check313

@@ -10,7 +10,8 @@
 
 CHECK_ID_check313="3.13"
 CHECK_TITLE_check313="[check313] Ensure a log metric filter and alarm exist for route table changes (Scored)"
-CHECK_SCORED_check313="SCORED" 
+CHECK_SCORED_check313="SCORED"
+CHECK_TYPE_check313="LEVEL1"
 CHECK_ALTERNATE_check313="check313"
 
 check313(){

checks/check314

@@ -10,7 +10,8 @@
 
 CHECK_ID_check314="3.14"
 CHECK_TITLE_check314="[check314] Ensure a log metric filter and alarm exist for VPC changes (Scored)"
-CHECK_SCORED_check314="SCORED" 
+CHECK_SCORED_check314="SCORED"
+CHECK_TYPE_check314="LEVEL1"
 CHECK_ALTERNATE_check314="check314"
 
 check314(){

checks/check315

@@ -11,6 +11,7 @@
 CHECK_ID_check315="3.15"
 CHECK_TITLE_check315="[check315] Ensure appropriate subscribers to each SNS topic (Not Scored)"
 CHECK_SCORED_check315="SCORED"
+CHECK_TYPE_check315="LEVEL1"
 CHECK_ALTERNATE_check315="check315"
 
 check315(){

checks/check32

@@ -11,6 +11,7 @@
 CHECK_ID_check32="3.2,3.02"
 CHECK_TITLE_check32="[check32] Ensure a log metric filter and alarm exist for Management Console sign-in without MFA (Scored)"
 CHECK_SCORED_check32="SCORED"
+CHECK_TYPE_check32="LEVEL1"
 CHECK_ALTERNATE_check302="check32"
 
 check32(){

checks/check33

@@ -11,7 +11,8 @@
 CHECK_ID_check33="3.3,3.03"
 CHECK_TITLE_check33="[check33] Ensure a log metric filter and alarm exist for usage of root account (Scored)"
 CHECK_SCORED_check33="SCORED"
-CHECK_ALTERNATE_check303="check33" 
+CHECK_TYPE_check33="LEVEL1"
+CHECK_ALTERNATE_check303="check33"
 
 check33(){
   # "Ensure a log metric filter and alarm exist for usage of root account (Scored)"

checks/check34

@@ -11,7 +11,8 @@
 CHECK_ID_check34="3.4,3.04"
 CHECK_TITLE_check34="[check34] Ensure a log metric filter and alarm exist for IAM policy changes (Scored)"
 CHECK_SCORED_check34="SCORED"
-CHECK_ALTERNATE_check304="check34" 
+CHECK_TYPE_check34="LEVEL1"
+CHECK_ALTERNATE_check304="check34"
 
 check34(){
   # "Ensure a log metric filter and alarm exist for IAM policy changes (Scored)"

checks/check35

@@ -11,7 +11,8 @@
 CHECK_ID_check35="3.5,3.05"
 CHECK_TITLE_check35="[check35] Ensure a log metric filter and alarm exist for CloudTrail configuration changes (Scored)"
 CHECK_SCORED_check35="SCORED"
-CHECK_ALTERNATE_check305="check35" 
+CHECK_TYPE_check35="LEVEL1"
+CHECK_ALTERNATE_check305="check35"
 
 check35(){
   # "Ensure a log metric filter and alarm exist for CloudTrail configuration changes (Scored)"

checks/check38

@@ -11,7 +11,8 @@
 CHECK_ID_check38="3.8,3.08"
 CHECK_TITLE_check38="[check38] Ensure a log metric filter and alarm exist for S3 bucket policy changes (Scored)"
 CHECK_SCORED_check38="SCORED"
-CHECK_ALTERNATE_check308="check38" 
+CHECK_TYPE_check38="LEVEL1"
+CHECK_ALTERNATE_check308="check38"
 
 check38(){
   # "Ensure a log metric filter and alarm exist for S3 bucket policy changes (Scored)"