Fix issue #848 CIS LEVEL added to CSV and other formats

2026-02-10 14:55:00 +00:00 · 2021-11-11 13:40:40 +01:00
parent 34aba53649
commit 140e96e5e1
211 changed files with 268 additions and 273 deletions
--- a/checks/check11
+++ b/checks/check11
@@ -14,7 +14,7 @@
 CHECK_ID_check11="1.1"
 CHECK_TITLE_check11="[check11] Avoid the use of the root account"
 CHECK_SCORED_check11="SCORED"
-CHECK_TYPE_check11="LEVEL1"
+CHECK_CIS_LEVEL_check11="LEVEL1"
 CHECK_SEVERITY_check11="High"
 CHECK_ASFF_TYPE_check11="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check101="check11"
--- a/checks/check110
+++ b/checks/check110
@@ -14,7 +14,7 @@
 CHECK_ID_check110="1.10"
 CHECK_TITLE_check110="[check110] Ensure IAM password policy prevents password reuse: 24 or greater"
 CHECK_SCORED_check110="SCORED"
-CHECK_TYPE_check110="LEVEL1"
+CHECK_CIS_LEVEL_check110="LEVEL1"
 CHECK_SEVERITY_check110="Medium"
 CHECK_ASFF_TYPE_check110="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check110="check110"
--- a/checks/check111
+++ b/checks/check111
@@ -14,7 +14,7 @@
 CHECK_ID_check111="1.11"
 CHECK_TITLE_check111="[check111] Ensure IAM password policy expires passwords within 90 days or less"
 CHECK_SCORED_check111="SCORED"
-CHECK_TYPE_check111="LEVEL1"
+CHECK_CIS_LEVEL_check111="LEVEL1"
 CHECK_SEVERITY_check111="Medium"
 CHECK_ASFF_TYPE_check111="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check111="check111"
--- a/checks/check112
+++ b/checks/check112
@@ -14,7 +14,7 @@
 CHECK_ID_check112="1.12"
 CHECK_TITLE_check112="[check112] Ensure no root account access key exists"
 CHECK_SCORED_check112="SCORED"
-CHECK_TYPE_check112="LEVEL1"
+CHECK_CIS_LEVEL_check112="LEVEL1"
 CHECK_SEVERITY_check112="Critical"
 CHECK_ASFF_TYPE_check112="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check112="check112"
--- a/checks/check113
+++ b/checks/check113
@@ -14,7 +14,7 @@
 CHECK_ID_check113="1.13"
 CHECK_TITLE_check113="[check113] Ensure MFA is enabled for the root account"
 CHECK_SCORED_check113="SCORED"
-CHECK_TYPE_check113="LEVEL1"
+CHECK_CIS_LEVEL_check113="LEVEL1"
 CHECK_SEVERITY_check113="Critical"
 CHECK_ASFF_TYPE_check113="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check113="check113"
--- a/checks/check114
+++ b/checks/check114
@@ -14,7 +14,7 @@
 CHECK_ID_check114="1.14"
 CHECK_TITLE_check114="[check114] Ensure hardware MFA is enabled for the root account"
 CHECK_SCORED_check114="SCORED"
-CHECK_TYPE_check114="LEVEL2"
+CHECK_CIS_LEVEL_check114="LEVEL2"
 CHECK_SEVERITY_check114="Critical"
 CHECK_ASFF_TYPE_check114="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check114="check114"
--- a/checks/check115
+++ b/checks/check115
@@ -14,7 +14,7 @@
 CHECK_ID_check115="1.15"
 CHECK_TITLE_check115="[check115] Ensure security questions are registered in the AWS account"
 CHECK_SCORED_check115="NOT_SCORED"
-CHECK_TYPE_check115="LEVEL1"
+CHECK_CIS_LEVEL_check115="LEVEL1"
 CHECK_SEVERITY_check115="Medium"
 CHECK_ASFF_TYPE_check115="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check115="check115"
--- a/checks/check116
+++ b/checks/check116
@@ -14,7 +14,7 @@
 CHECK_ID_check116="1.16"
 CHECK_TITLE_check116="[check116] Ensure IAM policies are attached only to groups or roles"
 CHECK_SCORED_check116="SCORED"
-CHECK_TYPE_check116="LEVEL1"
+CHECK_CIS_LEVEL_check116="LEVEL1"
 CHECK_SEVERITY_check116="Low"
 CHECK_ASFF_TYPE_check116="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check116="AwsIamUser"
--- a/checks/check117
+++ b/checks/check117
@@ -14,7 +14,7 @@
 CHECK_ID_check117="1.17"
 CHECK_TITLE_check117="[check117] Maintain current contact details"
 CHECK_SCORED_check117="NOT_SCORED"
-CHECK_TYPE_check117="LEVEL1"
+CHECK_CIS_LEVEL_check117="LEVEL1"
 CHECK_SEVERITY_check117="Medium"
 CHECK_ASFF_TYPE_check117="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check117="check117"
--- a/checks/check118
+++ b/checks/check118
@@ -14,7 +14,7 @@
 CHECK_ID_check118="1.18"
 CHECK_TITLE_check118="[check118] Ensure security contact information is registered"
 CHECK_SCORED_check118="NOT_SCORED"
-CHECK_TYPE_check118="LEVEL1"
+CHECK_CIS_LEVEL_check118="LEVEL1"
 CHECK_SEVERITY_check118="Medium"
 CHECK_ASFF_TYPE_check118="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check118="check118"
--- a/checks/check119
+++ b/checks/check119
@@ -14,7 +14,7 @@
 CHECK_ID_check119="1.19"
 CHECK_TITLE_check119="[check119] Ensure IAM instance roles are used for AWS resource access from instances"
 CHECK_SCORED_check119="NOT_SCORED"
-CHECK_TYPE_check119="LEVEL2"
+CHECK_CIS_LEVEL_check119="LEVEL2"
 CHECK_SEVERITY_check119="Medium"
 CHECK_ASFF_TYPE_check119="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check119="AwsEc2Instance"
--- a/checks/check12
+++ b/checks/check12
@@ -14,7 +14,7 @@
 CHECK_ID_check12="1.2"
 CHECK_TITLE_check12="[check12] Ensure multi-factor authentication (MFA) is enabled for all IAM users that have a console password"
 CHECK_SCORED_check12="SCORED"
-CHECK_TYPE_check12="LEVEL1"
+CHECK_CIS_LEVEL_check12="LEVEL1"
 CHECK_SEVERITY_check12="High"
 CHECK_ASFF_TYPE_check12="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check12="AwsIamUser"
--- a/checks/check120
+++ b/checks/check120
@@ -14,7 +14,7 @@
 CHECK_ID_check120="1.20"
 CHECK_TITLE_check120="[check120] Ensure a support role has been created to manage incidents with AWS Support"
 CHECK_SCORED_check120="SCORED"
-CHECK_TYPE_check120="LEVEL1"
+CHECK_CIS_LEVEL_check120="LEVEL1"
 CHECK_SEVERITY_check120="Medium"
 CHECK_ASFF_TYPE_check120="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check120="AwsIamRole"
--- a/checks/check121
+++ b/checks/check121
@@ -14,7 +14,7 @@
 CHECK_ID_check121="1.21"
 CHECK_TITLE_check121="[check121] Do not setup access keys during initial user setup for all IAM users that have a console password"
 CHECK_SCORED_check121="NOT_SCORED"
-CHECK_TYPE_check121="LEVEL1"
+CHECK_CIS_LEVEL_check121="LEVEL1"
 CHECK_SEVERITY_check121="Medium"
 CHECK_ASFF_TYPE_check121="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check121="AwsIamUser"
--- a/checks/check122
+++ b/checks/check122
@@ -14,7 +14,7 @@
 CHECK_ID_check122="1.22"
 CHECK_TITLE_check122="[check122] Ensure IAM policies that allow full \"*:*\" administrative privileges are not created"
 CHECK_SCORED_check122="SCORED"
-CHECK_TYPE_check122="LEVEL1"
+CHECK_CIS_LEVEL_check122="LEVEL1"
 CHECK_SEVERITY_check122="Medium"
 CHECK_ASFF_TYPE_check122="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check122="AwsIamPolicy"
--- a/checks/check13
+++ b/checks/check13
@@ -14,7 +14,7 @@
 CHECK_ID_check13="1.3"
 CHECK_TITLE_check13="[check13] Ensure credentials unused for 90 days or greater are disabled"
 CHECK_SCORED_check13="SCORED"
-CHECK_TYPE_check13="LEVEL1"
+CHECK_CIS_LEVEL_check13="LEVEL1"
 CHECK_SEVERITY_check13="Medium"
 CHECK_ASFF_TYPE_check13="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check13="AwsIamUser"
--- a/checks/check14
+++ b/checks/check14
@@ -14,7 +14,7 @@
 CHECK_ID_check14="1.4"
 CHECK_TITLE_check14="[check14] Ensure access keys are rotated every 90 days or less"
 CHECK_SCORED_check14="SCORED"
-CHECK_TYPE_check14="LEVEL1"
+CHECK_CIS_LEVEL_check14="LEVEL1"
 CHECK_SEVERITY_check14="Medium"
 CHECK_ASFF_TYPE_check14="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check14="AwsIamUser"
--- a/checks/check15
+++ b/checks/check15
@@ -14,7 +14,7 @@
 CHECK_ID_check15="1.5"
 CHECK_TITLE_check15="[check15] Ensure IAM password policy requires at least one uppercase letter"
 CHECK_SCORED_check15="SCORED"
-CHECK_TYPE_check15="LEVEL1"
+CHECK_CIS_LEVEL_check15="LEVEL1"
 CHECK_SEVERITY_check15="Medium"
 CHECK_ASFF_TYPE_check15="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check105="check15"
--- a/checks/check16
+++ b/checks/check16
@@ -14,7 +14,7 @@
 CHECK_ID_check16="1.6"
 CHECK_TITLE_check16="[check16] Ensure IAM password policy require at least one lowercase letter"
 CHECK_SCORED_check16="SCORED"
-CHECK_TYPE_check16="LEVEL1"
+CHECK_CIS_LEVEL_check16="LEVEL1"
 CHECK_SEVERITY_check16="Medium"
 CHECK_ASFF_TYPE_check16="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check106="check16"
--- a/checks/check17
+++ b/checks/check17
@@ -14,7 +14,7 @@
 CHECK_ID_check17="1.7"
 CHECK_TITLE_check17="[check17] Ensure IAM password policy require at least one symbol"
 CHECK_SCORED_check17="SCORED"
-CHECK_TYPE_check17="LEVEL1"
+CHECK_CIS_LEVEL_check17="LEVEL1"
 CHECK_SEVERITY_check17="Medium"
 CHECK_ASFF_TYPE_check17="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check107="check17"
--- a/checks/check18
+++ b/checks/check18
@@ -14,7 +14,7 @@
 CHECK_ID_check18="1.8"
 CHECK_TITLE_check18="[check18] Ensure IAM password policy require at least one number"
 CHECK_SCORED_check18="SCORED"
-CHECK_TYPE_check18="LEVEL1"
+CHECK_CIS_LEVEL_check18="LEVEL1"
 CHECK_SEVERITY_check18="Medium"
 CHECK_ASFF_TYPE_check18="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check108="check18"
--- a/checks/check19
+++ b/checks/check19
@@ -14,7 +14,7 @@
 CHECK_ID_check19="1.9"
 CHECK_TITLE_check19="[check19] Ensure IAM password policy requires minimum length of 14 or greater"
 CHECK_SCORED_check19="SCORED"
-CHECK_TYPE_check19="LEVEL1"
+CHECK_CIS_LEVEL_check19="LEVEL1"
 CHECK_SEVERITY_check19="Medium"
 CHECK_ASFF_TYPE_check19="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check109="check19"
--- a/checks/check21
+++ b/checks/check21
@@ -14,7 +14,7 @@
 CHECK_ID_check21="2.1"
 CHECK_TITLE_check21="[check21] Ensure CloudTrail is enabled in all regions"
 CHECK_SCORED_check21="SCORED"
-CHECK_TYPE_check21="LEVEL1"
+CHECK_LEVEL_check21="LEVEL1"
 CHECK_SEVERITY_check21="High"
 CHECK_ASFF_TYPE_check21="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check21="AwsCloudTrailTrail"
--- a/checks/check22
+++ b/checks/check22
@@ -14,7 +14,7 @@
 CHECK_ID_check22="2.2"
 CHECK_TITLE_check22="[check22] Ensure CloudTrail log file validation is enabled"
 CHECK_SCORED_check22="SCORED"
-CHECK_TYPE_check22="LEVEL2"
+CHECK_CIS_LEVEL_check22="LEVEL2"
 CHECK_SEVERITY_check22="Medium"
 CHECK_ASFF_TYPE_check22="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check22="AwsCloudTrailTrail"
--- a/checks/check23
+++ b/checks/check23
@@ -14,7 +14,7 @@
 CHECK_ID_check23="2.3"
 CHECK_TITLE_check23="[check23] Ensure the S3 bucket CloudTrail logs to is not publicly accessible"
 CHECK_SCORED_check23="SCORED"
-CHECK_TYPE_check23="LEVEL1"
+CHECK_CIS_LEVEL_check23="LEVEL1"
 CHECK_SEVERITY_check23="Critical"
 CHECK_ASFF_TYPE_check23="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check23="AwsS3Bucket"
--- a/checks/check24
+++ b/checks/check24
@@ -14,7 +14,7 @@
 CHECK_ID_check24="2.4"
 CHECK_TITLE_check24="[check24] Ensure CloudTrail trails are integrated with CloudWatch Logs"
 CHECK_SCORED_check24="SCORED"
-CHECK_TYPE_check24="LEVEL1"
+CHECK_CIS_LEVEL_check24="LEVEL1"
 CHECK_SEVERITY_check24="Low"
 CHECK_ASFF_TYPE_check24="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check24="AwsCloudTrailTrail"
--- a/checks/check25
+++ b/checks/check25
@@ -14,7 +14,7 @@
 CHECK_ID_check25="2.5"
 CHECK_TITLE_check25="[check25] Ensure AWS Config is enabled in all regions"
 CHECK_SCORED_check25="SCORED"
-CHECK_TYPE_check25="LEVEL1"
+CHECK_CIS_LEVEL_check25="LEVEL1"
 CHECK_SEVERITY_check25="Medium"
 CHECK_ASFF_TYPE_check25="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ALTERNATE_check205="check25"
--- a/checks/check26
+++ b/checks/check26
@@ -14,7 +14,7 @@
 CHECK_ID_check26="2.6"
 CHECK_TITLE_check26="[check26] Ensure S3 bucket access logging is enabled on the CloudTrail S3 bucket"
 CHECK_SCORED_check26="SCORED"
-CHECK_TYPE_check26="LEVEL1"
+CHECK_CIS_LEVEL_check26="LEVEL1"
 CHECK_SEVERITY_check26="Medium"
 CHECK_ASFF_TYPE_check26="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check26="AwsS3Bucket"
--- a/checks/check27
+++ b/checks/check27
@@ -14,7 +14,7 @@
 CHECK_ID_check27="2.7"
 CHECK_TITLE_check27="[check27] Ensure CloudTrail logs are encrypted at rest using KMS CMKs"
 CHECK_SCORED_check27="SCORED"
-CHECK_TYPE_check27="LEVEL2"
+CHECK_CIS_LEVEL_check27="LEVEL2"
 CHECK_SEVERITY_check27="Medium"
 CHECK_ASFF_TYPE_check27="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check27="AwsCloudTrailTrail"
--- a/checks/check28
+++ b/checks/check28
@@ -14,7 +14,7 @@
 CHECK_ID_check28="2.8"
 CHECK_TITLE_check28="[check28] Ensure rotation for customer created KMS CMKs is enabled"
 CHECK_SCORED_check28="SCORED"
-CHECK_TYPE_check28="LEVEL2"
+CHECK_CIS_LEVEL_check28="LEVEL2"
 CHECK_SEVERITY_check28="Medium"
 CHECK_ASFF_TYPE_check28="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check28="AwsKmsKey"
--- a/checks/check29
+++ b/checks/check29
@@ -14,7 +14,7 @@
 CHECK_ID_check29="2.9"
 CHECK_TITLE_check29="[check29] Ensure VPC Flow Logging is Enabled in all VPCs"
 CHECK_SCORED_check29="SCORED"
-CHECK_TYPE_check29="LEVEL2"
+CHECK_CIS_LEVEL_check29="LEVEL2"
 CHECK_SEVERITY_check29="Medium"
 CHECK_ASFF_TYPE_check29="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check29="AwsEc2Vpc"
--- a/checks/check31
+++ b/checks/check31
@@ -39,7 +39,7 @@
 CHECK_ID_check31="3.1"
 CHECK_TITLE_check31="[check31] Ensure a log metric filter and alarm exist for unauthorized API calls"
 CHECK_SCORED_check31="SCORED"
-CHECK_TYPE_check31="LEVEL1"
+CHECK_CIS_LEVEL_check31="LEVEL1"
 CHECK_SEVERITY_check31="Medium"
 CHECK_ASFF_TYPE_check31="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check31="AwsCloudTrailTrail"
--- a/checks/check310
+++ b/checks/check310
@@ -39,7 +39,7 @@
 CHECK_ID_check310="3.10"
 CHECK_TITLE_check310="[check310] Ensure a log metric filter and alarm exist for security group changes"
 CHECK_SCORED_check310="SCORED"
-CHECK_TYPE_check310="LEVEL2"
+CHECK_CIS_LEVEL_check310="LEVEL2"
 CHECK_SEVERITY_check310="Medium"
 CHECK_ASFF_TYPE_check310="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check310="AwsCloudTrailTrail"
--- a/checks/check311
+++ b/checks/check311
@@ -39,7 +39,7 @@
 CHECK_ID_check311="3.11"
 CHECK_TITLE_check311="[check311] Ensure a log metric filter and alarm exist for changes to Network Access Control Lists (NACL)"
 CHECK_SCORED_check311="SCORED"
-CHECK_TYPE_check311="LEVEL2"
+CHECK_CIS_LEVEL_check311="LEVEL2"
 CHECK_SEVERITY_check311="Medium"
 CHECK_ASFF_TYPE_check311="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check311="AwsCloudTrailTrail"
--- a/checks/check312
+++ b/checks/check312
@@ -39,7 +39,7 @@
 CHECK_ID_check312="3.12"
 CHECK_TITLE_check312="[check312] Ensure a log metric filter and alarm exist for changes to network gateways"
 CHECK_SCORED_check312="SCORED"
-CHECK_TYPE_check312="LEVEL1"
+CHECK_CIS_LEVEL_check312="LEVEL1"
 CHECK_SEVERITY_check312="Medium"
 CHECK_ASFF_TYPE_check312="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check312="AwsCloudTrailTrail"
--- a/checks/check313
+++ b/checks/check313
@@ -39,7 +39,7 @@
 CHECK_ID_check313="3.13"
 CHECK_TITLE_check313="[check313] Ensure a log metric filter and alarm exist for route table changes"
 CHECK_SCORED_check313="SCORED"
-CHECK_TYPE_check313="LEVEL1"
+CHECK_CIS_LEVEL_check313="LEVEL1"
 CHECK_SEVERITY_check313="Medium"
 CHECK_ASFF_TYPE_check313="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check313="AwsCloudTrailTrail"
--- a/checks/check314
+++ b/checks/check314
@@ -39,7 +39,7 @@
 CHECK_ID_check314="3.14"
 CHECK_TITLE_check314="[check314] Ensure a log metric filter and alarm exist for VPC changes"
 CHECK_SCORED_check314="SCORED"
-CHECK_TYPE_check314="LEVEL1"
+CHECK_CIS_LEVEL_check314="LEVEL1"
 CHECK_SEVERITY_check314="Medium"
 CHECK_ASFF_TYPE_check314="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check314="AwsCloudTrailTrail"
--- a/checks/check32
+++ b/checks/check32
@@ -39,7 +39,7 @@
 CHECK_ID_check32="3.2"
 CHECK_TITLE_check32="[check32] Ensure a log metric filter and alarm exist for Management Console sign-in without MFA"
 CHECK_SCORED_check32="SCORED"
-CHECK_TYPE_check32="LEVEL1"
+CHECK_CIS_LEVEL_check32="LEVEL1"
 CHECK_SEVERITY_check32="Medium"
 CHECK_ASFF_TYPE_check32="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check32="AwsCloudTrailTrail"
--- a/checks/check33
+++ b/checks/check33
@@ -39,7 +39,7 @@
 CHECK_ID_check33="3.3"
 CHECK_TITLE_check33="[check33] Ensure a log metric filter and alarm exist for usage of root account"
 CHECK_SCORED_check33="SCORED"
-CHECK_TYPE_check33="LEVEL1"
+CHECK_CIS_LEVEL_check33="LEVEL1"
 CHECK_SEVERITY_check33="Medium"
 CHECK_ASFF_TYPE_check33="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check33="AwsCloudTrailTrail"
--- a/checks/check34
+++ b/checks/check34
@@ -39,7 +39,7 @@
 CHECK_ID_check34="3.4"
 CHECK_TITLE_check34="[check34] Ensure a log metric filter and alarm exist for IAM policy changes"
 CHECK_SCORED_check34="SCORED"
-CHECK_TYPE_check34="LEVEL1"
+CHECK_CIS_LEVEL_check34="LEVEL1"
 CHECK_SEVERITY_check34="Medium"
 CHECK_ASFF_TYPE_check34="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check34="AwsCloudTrailTrail"
--- a/checks/check35
+++ b/checks/check35
@@ -39,7 +39,7 @@
 CHECK_ID_check35="3.5"
 CHECK_TITLE_check35="[check35] Ensure a log metric filter and alarm exist for CloudTrail configuration changes"
 CHECK_SCORED_check35="SCORED"
-CHECK_TYPE_check35="LEVEL1"
+CHECK_CIS_LEVEL_check35="LEVEL1"
 CHECK_SEVERITY_check35="Medium"
 CHECK_ASFF_TYPE_check35="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check35="AwsCloudTrailTrail"
--- a/checks/check36
+++ b/checks/check36
@@ -39,7 +39,7 @@
 CHECK_ID_check36="3.6"
 CHECK_TITLE_check36="[check36] Ensure a log metric filter and alarm exist for AWS Management Console authentication failures"
 CHECK_SCORED_check36="SCORED"
-CHECK_TYPE_check36="LEVEL2"
+CHECK_CIS_LEVEL_check36="LEVEL2"
 CHECK_SEVERITY_check36="Medium"
 CHECK_ASFF_TYPE_check36="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check36="AwsCloudTrailTrail"
--- a/checks/check37
+++ b/checks/check37
@@ -39,7 +39,7 @@
 CHECK_ID_check37="3.7"
 CHECK_TITLE_check37="[check37] Ensure a log metric filter and alarm exist for disabling or scheduled deletion of customer created KMS CMKs"
 CHECK_SCORED_check37="SCORED"
-CHECK_TYPE_check37="LEVEL2"
+CHECK_CIS_LEVEL_check37="LEVEL2"
 CHECK_SEVERITY_check37="Medium"
 CHECK_ASFF_TYPE_check37="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check37="AwsCloudTrailTrail"
--- a/checks/check38
+++ b/checks/check38
@@ -39,7 +39,7 @@
 CHECK_ID_check38="3.8"
 CHECK_TITLE_check38="[check38] Ensure a log metric filter and alarm exist for S3 bucket policy changes"
 CHECK_SCORED_check38="SCORED"
-CHECK_TYPE_check38="LEVEL1"
+CHECK_CIS_LEVEL_check38="LEVEL1"
 CHECK_SEVERITY_check38="Medium"
 CHECK_ASFF_TYPE_check38="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check38="AwsCloudTrailTrail"
--- a/checks/check39
+++ b/checks/check39
@@ -39,7 +39,7 @@
 CHECK_ID_check39="3.9"
 CHECK_TITLE_check39="[check39] Ensure a log metric filter and alarm exist for AWS Config configuration changes"
 CHECK_SCORED_check39="SCORED"
-CHECK_TYPE_check39="LEVEL2"
+CHECK_CIS_LEVEL_check39="LEVEL2"
 CHECK_SEVERITY_check39="Medium"
 CHECK_ASFF_TYPE_check39="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check39="AwsCloudTrailTrail"
--- a/checks/check41
+++ b/checks/check41
@@ -14,7 +14,7 @@
 CHECK_ID_check41="4.1"
 CHECK_TITLE_check41="[check41] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to port 22"
 CHECK_SCORED_check41="SCORED"
-CHECK_TYPE_check41="LEVEL2"
+CHECK_CIS_LEVEL_check41="LEVEL2"
 CHECK_SEVERITY_check41="High"
 CHECK_ASFF_TYPE_check41="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check41="AwsEc2SecurityGroup"
--- a/checks/check42
+++ b/checks/check42
@@ -14,7 +14,7 @@
 CHECK_ID_check42="4.2"
 CHECK_TITLE_check42="[check42] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to port 3389"
 CHECK_SCORED_check42="SCORED"
-CHECK_TYPE_check42="LEVEL2"
+CHECK_CIS_LEVEL_check42="LEVEL2"
 CHECK_SEVERITY_check42="High"
 CHECK_ASFF_TYPE_check42="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check42="AwsEc2SecurityGroup"
--- a/checks/check43
+++ b/checks/check43
@@ -14,7 +14,7 @@
 CHECK_ID_check43="4.3"
 CHECK_TITLE_check43="[check43] Ensure the default security group of every VPC restricts all traffic"
 CHECK_SCORED_check43="SCORED"
-CHECK_TYPE_check43="LEVEL2"
+CHECK_CIS_LEVEL_check43="LEVEL2"
 CHECK_SEVERITY_check43="High"
 CHECK_ASFF_TYPE_check43="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check43="AwsEc2SecurityGroup"
--- a/checks/check44
+++ b/checks/check44
@@ -14,7 +14,7 @@
 CHECK_ID_check44="4.4"
 CHECK_TITLE_check44="[check44] Ensure routing tables for VPC peering are \"least access\""
 CHECK_SCORED_check44="NOT_SCORED"
-CHECK_TYPE_check44="LEVEL2"
+CHECK_CIS_LEVEL_check44="LEVEL2"
 CHECK_SEVERITY_check44="Medium"
 CHECK_ASFF_TYPE_check44="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check44="AwsEc2Vpc"
--- a/checks/check45
+++ b/checks/check45
@@ -14,7 +14,7 @@
 CHECK_ID_check45="4.5"
 CHECK_TITLE_check45="[check45] Ensure no Network ACLs allow ingress from 0.0.0.0/0 to SSH port 22"
 CHECK_SCORED_check45="SCORED"
-CHECK_TYPE_check45="LEVEL2"
+CHECK_CIS_LEVEL_check45="LEVEL2"
 CHECK_SEVERITY_check45="High"
 CHECK_ASFF_TYPE_check45="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check45="AwsEc2NetworkAcl"
--- a/checks/check46
+++ b/checks/check46
@@ -14,7 +14,7 @@
 CHECK_ID_check46="4.6"
 CHECK_TITLE_check46="[check46] Ensure no Network ACLs allow ingress from 0.0.0.0/0 to Microsoft RDP port 3389"
 CHECK_SCORED_check46="SCORED"
-CHECK_TYPE_check46="LEVEL2"
+CHECK_CIS_LEVEL_check46="LEVEL2"
 CHECK_SEVERITY_check46="High"
 CHECK_ASFF_TYPE_check46="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_check46="AwsEc2NetworkAcl"
--- a/checks/check_extra71
+++ b/checks/check_extra71
@@ -13,7 +13,7 @@
 CHECK_ID_extra71="7.1"
 CHECK_TITLE_extra71="[extra71] Ensure users of groups with AdministratorAccess policy have MFA tokens enabled"
 CHECK_SCORED_extra71="NOT_SCORED"
-CHECK_TYPE_extra71="EXTRA"
+CHECK_CIS_LEVEL_extra71="EXTRA"
 CHECK_SEVERITY_extra71="High"
 CHECK_ASFF_RESOURCE_TYPE_extra71="AwsIamUser"
 CHECK_ALTERNATE_extra701="extra71"
--- a/checks/check_extra710
+++ b/checks/check_extra710
@@ -13,7 +13,7 @@
 CHECK_ID_extra710="7.10"
 CHECK_TITLE_extra710="[extra710] Check for internet facing EC2 Instances"
 CHECK_SCORED_extra710="NOT_SCORED"
-CHECK_TYPE_extra710="EXTRA"
+CHECK_CIS_LEVEL_extra710="EXTRA"
 CHECK_SEVERITY_extra710="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra710="AwsEc2Instance"
 CHECK_ALTERNATE_check710="extra710"
--- a/checks/check_extra7100
+++ b/checks/check_extra7100
@@ -17,7 +17,7 @@
 CHECK_ID_extra7100="7.100"
 CHECK_TITLE_extra7100="[extra7100] Ensure that no custom IAM policies exist which allow permissive role assumption (e.g. sts:AssumeRole on *)"
 CHECK_SCORED_extra7100="NOT_SCORED"
-CHECK_TYPE_extra7100="EXTRA"
+CHECK_CIS_LEVEL_extra7100="EXTRA"
 CHECK_SEVERITY_extra7100="Critical"
 CHECK_ASFF_RESOURCE_TYPE_extra7100="AwsIamPolicy"
 CHECK_ALTERNATE_check7100="extra7100"
--- a/checks/check_extra7101
+++ b/checks/check_extra7101
@@ -14,7 +14,7 @@
 CHECK_ID_extra7101="7.101"
 CHECK_TITLE_extra7101="[extra7101] Check if Amazon Elasticsearch Service (ES) domains have audit logging enabled"
 CHECK_SCORED_extra7101="NOT_SCORED"
-CHECK_TYPE_extra7101="EXTRA"
+CHECK_CIS_LEVEL_extra7101="EXTRA"
 CHECK_SEVERITY_extra7101="Low"
 CHECK_ASFF_RESOURCE_TYPE_extra7101="AwsElasticsearchDomain"
 CHECK_ALTERNATE_check7101="extra7101"
--- a/checks/check_extra7102
+++ b/checks/check_extra7102
@@ -13,7 +13,7 @@
 CHECK_ID_extra7102="7.102"
 CHECK_TITLE_extra7102="[extra7102] Check if any of the Elastic or Public IP are in Shodan (requires Shodan API KEY)"
 CHECK_SCORED_extra7102="NOT_SCORED"
-CHECK_TYPE_extra7102="EXTRA"
+CHECK_CIS_LEVEL_extra7102="EXTRA"
 CHECK_SEVERITY_extra7102="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7102="AwsEc2Eip"
 CHECK_ALTERNATE_check7102="extra7102"
--- a/checks/check_extra7103
+++ b/checks/check_extra7103
@@ -14,7 +14,7 @@
 CHECK_ID_extra7103="7.103"
 CHECK_TITLE_extra7103="[extra7103] Check if Amazon SageMaker Notebook instances have root access disabled"
 CHECK_SCORED_extra7103="NOT_SCORED"
-CHECK_TYPE_extra7103="EXTRA"
+CHECK_CIS_LEVEL_extra7103="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7103="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7103="extra7103"
 CHECK_SEVERITY_extra7103="Medium"
--- a/checks/check_extra7104
+++ b/checks/check_extra7104
@@ -14,7 +14,7 @@
 CHECK_ID_extra7104="7.104"
 CHECK_TITLE_extra7104="[extra7104] Check if Amazon SageMaker Notebook instances have VPC settings configured"
 CHECK_SCORED_extra7104="NOT_SCORED"
-CHECK_TYPE_extra7104="EXTRA"
+CHECK_CIS_LEVEL_extra7104="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7104="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7104="extra7104"
 CHECK_SEVERITY_extra7104="Medium"
--- a/checks/check_extra7105
+++ b/checks/check_extra7105
@@ -14,7 +14,7 @@
 CHECK_ID_extra7105="7.105"
 CHECK_TITLE_extra7105="[extra7105] Check if Amazon SageMaker Models have network isolation enabled"
 CHECK_SCORED_extra7105="NOT_SCORED"
-CHECK_TYPE_extra7105="EXTRA"
+CHECK_CIS_LEVEL_extra7105="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7105="AwsSageMakerModel"
 CHECK_ALTERNATE_check7105="extra7105"
 CHECK_SEVERITY_extra7105="Medium"
--- a/checks/check_extra7106
+++ b/checks/check_extra7106
@@ -14,7 +14,7 @@
 CHECK_ID_extra7106="7.106"
 CHECK_TITLE_extra7106="[extra7106] Check if Amazon SageMaker Models have VPC settings configured"
 CHECK_SCORED_extra7106="NOT_SCORED"
-CHECK_TYPE_extra7106="EXTRA"
+CHECK_CIS_LEVEL_extra7106="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7106="AwsSageMakerModel"
 CHECK_ALTERNATE_check7106="extra7106"
 CHECK_SEVERITY_extra7106="Medium"
--- a/checks/check_extra7107
+++ b/checks/check_extra7107
@@ -14,7 +14,7 @@
 CHECK_ID_extra7107="7.107"
 CHECK_TITLE_extra7107="[extra7107] Check if Amazon SageMaker Training jobs have intercontainer encryption enabled"
 CHECK_SCORED_extra7107="NOT_SCORED"
-CHECK_TYPE_extra7107="EXTRA"
+CHECK_CIS_LEVEL_extra7107="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7107="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7107="extra7107"
 CHECK_SEVERITY_extra7107="Medium"
--- a/checks/check_extra7108
+++ b/checks/check_extra7108
@@ -14,7 +14,7 @@
 CHECK_ID_extra7108="7.108"
 CHECK_TITLE_extra7108="[extra7108] Check if Amazon SageMaker Training jobs have volume and output with KMS encryption enabled"
 CHECK_SCORED_extra7108="NOT_SCORED"
-CHECK_TYPE_extra7108="EXTRA"
+CHECK_CIS_LEVEL_extra7108="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7108="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7108="extra7108"
 CHECK_SEVERITY_extra7108="Medium"
--- a/checks/check_extra7109
+++ b/checks/check_extra7109
@@ -14,7 +14,7 @@
 CHECK_ID_extra7109="7.109"
 CHECK_TITLE_extra7109="[extra7109] Check if Amazon SageMaker Training jobs have network isolation enabled"
 CHECK_SCORED_extra7109="NOT_SCORED"
-CHECK_TYPE_extra7109="EXTRA"
+CHECK_CIS_LEVEL_extra7109="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7109="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7109="extra7109"
 CHECK_SEVERITY_extra7109="Medium"
--- a/checks/check_extra711
+++ b/checks/check_extra711
@@ -13,7 +13,7 @@
 CHECK_ID_extra711="7.11"
 CHECK_TITLE_extra711="[extra711] Check for Publicly Accessible Redshift Clusters"
 CHECK_SCORED_extra711="NOT_SCORED"
-CHECK_TYPE_extra711="EXTRA"
+CHECK_CIS_LEVEL_extra711="EXTRA"
 CHECK_SEVERITY_extra711="High"
 CHECK_ASFF_RESOURCE_TYPE_extra711="AwsRedshiftCluster"
 CHECK_ALTERNATE_check711="extra711"
--- a/checks/check_extra7110
+++ b/checks/check_extra7110
@@ -14,7 +14,7 @@
 CHECK_ID_extra7110="7.110"
 CHECK_TITLE_extra7110="[extra7110] Check if Amazon SageMaker Training job have VPC settings configured."
 CHECK_SCORED_extra7110="NOT_SCORED"
-CHECK_TYPE_extra7110="EXTRA"
+CHECK_CIS_LEVEL_extra7110="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7110="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7110="extra7110"
 CHECK_SEVERITY_extra7110="Medium"
--- a/checks/check_extra7111
+++ b/checks/check_extra7111
@@ -14,7 +14,7 @@
 CHECK_ID_extra7111="7.111"
 CHECK_TITLE_extra7111="[extra7111] Check if Amazon SageMaker Notebook instances have direct internet access"
 CHECK_SCORED_extra7111="NOT_SCORED"
-CHECK_TYPE_extra7111="EXTRA"
+CHECK_CIS_LEVEL_extra7111="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7111="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7111="extra7111"
 CHECK_SEVERITY_extra7111="Medium"
--- a/checks/check_extra7112
+++ b/checks/check_extra7112
@@ -14,7 +14,7 @@
 CHECK_ID_extra7112="7.112"
 CHECK_TITLE_extra7112="[extra7112] Check if Amazon SageMaker Notebook instances have data encryption enabled"
 CHECK_SCORED_extra7112="NOT_SCORED"
-CHECK_TYPE_extra7112="EXTRA"
+CHECK_CIS_LEVEL_extra7112="EXTRA"
 CHECK_ASFF_RESOURCE_TYPE_extra7112="AwsSageMakerNotebookInstance"
 CHECK_ALTERNATE_check7112="extra7112"
 CHECK_SEVERITY_extra7112="Medium"
--- a/checks/check_extra7113
+++ b/checks/check_extra7113
@@ -25,7 +25,7 @@
 CHECK_ID_extra7113="7.113"
 CHECK_TITLE_extra7113="[extra7113] Check if RDS instances have deletion protection enabled "
 CHECK_SCORED_extra7113="NOT_SCORED"
-CHECK_TYPE_extra7113="EXTRA"
+CHECK_CIS_LEVEL_extra7113="EXTRA"
 CHECK_SEVERITY_extra7113="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7113="AwsRdsDbInstance"
 CHECK_ALTERNATE_check7113="extra7113"
--- a/checks/check_extra7114
+++ b/checks/check_extra7114
@@ -14,7 +14,7 @@
 CHECK_ID_extra7114="7.114"
 CHECK_TITLE_extra7114="[extra7114] Check if Glue development endpoints have S3 encryption enabled."
 CHECK_SCORED_extra7114="NOT_SCORED"
-CHECK_TYPE_extra7114="EXTRA"
+CHECK_CIS_LEVEL_extra7114="EXTRA"
 CHECK_SEVERITY_extra7114="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7114="AwsGlue"
 CHECK_ALTERNATE_check7114="extra7114"
--- a/checks/check_extra7115
+++ b/checks/check_extra7115
@@ -13,7 +13,7 @@
 CHECK_ID_extra7115="7.115"
 CHECK_TITLE_extra7115="[extra7115] Check if Glue database connection has SSL connection enabled."
 CHECK_SCORED_extra7115="NOT_SCORED"
-CHECK_TYPE_extra7115="EXTRA"
+CHECK_CIS_LEVEL_extra7115="EXTRA"
 CHECK_SEVERITY_extra7115="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7115="AwsGlue"
 CHECK_ALTERNATE_check7115="extra7115"
--- a/checks/check_extra7116
+++ b/checks/check_extra7116
@@ -13,7 +13,7 @@
 CHECK_ID_extra7116="7.116"
 CHECK_TITLE_extra7116="[extra7116] Check if Glue data catalog settings have metadata encryption enabled."
 CHECK_SCORED_extra7116="NOT_SCORED"
-CHECK_TYPE_extra7116="EXTRA"
+CHECK_CIS_LEVEL_extra7116="EXTRA"
 CHECK_SEVERITY_extra7116="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7116="AwsGlue"
 CHECK_ALTERNATE_check7116="extra7116"
--- a/checks/check_extra7117
+++ b/checks/check_extra7117
@@ -13,7 +13,7 @@
 CHECK_ID_extra7117="7.117"
 CHECK_TITLE_extra7117="[extra7117] Check if Glue data catalog settings have encrypt connection password enabled."
 CHECK_SCORED_extra7117="NOT_SCORED"
-CHECK_TYPE_extra7117="EXTRA"
+CHECK_CIS_LEVEL_extra7117="EXTRA"
 CHECK_SEVERITY_extra7117="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7117="AwsGlue"
 CHECK_ALTERNATE_check7117="extra7117"
--- a/checks/check_extra7118
+++ b/checks/check_extra7118
@@ -13,7 +13,7 @@
 CHECK_ID_extra7118="7.118"
 CHECK_TITLE_extra7118="[extra7118] Check if Glue ETL Jobs have S3 encryption enabled."
 CHECK_SCORED_extra7118="NOT_SCORED"
-CHECK_TYPE_extra7118="EXTRA"
+CHECK_CIS_LEVEL_extra7118="EXTRA"
 CHECK_SEVERITY_extra7118="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7118="AwsGlue"
 CHECK_ALTERNATE_check7118="extra7118"
--- a/checks/check_extra7119
+++ b/checks/check_extra7119
@@ -14,7 +14,7 @@
 CHECK_ID_extra7119="7.119"
 CHECK_TITLE_extra7119="[extra7119] Check if Glue development endpoints have CloudWatch logs encryption enabled."
 CHECK_SCORED_extra7119="NOT_SCORED"
-CHECK_TYPE_extra7119="EXTRA"
+CHECK_CIS_LEVEL_extra7119="EXTRA"
 CHECK_SEVERITY_extra7119="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7119="AwsGlue"
 CHECK_ALTERNATE_check7119="extra7119"
--- a/checks/check_extra712
+++ b/checks/check_extra712
@@ -13,7 +13,7 @@
 CHECK_ID_extra712="7.12"
 CHECK_TITLE_extra712="[extra712] Check if Amazon Macie is enabled"
 CHECK_SCORED_extra712="NOT_SCORED"
-CHECK_TYPE_extra712="EXTRA"
+CHECK_CIS_LEVEL_extra712="EXTRA"
 CHECK_SEVERITY_extra712="Low"
 CHECK_ALTERNATE_check712="extra712"
 CHECK_ASFF_RESOURCE_TYPE_extra712="AwsMacieSession"
--- a/checks/check_extra7120
+++ b/checks/check_extra7120
@@ -13,7 +13,7 @@
 CHECK_ID_extra7120="7.120"
 CHECK_TITLE_extra7120="[extra7120] Check if Glue ETL Jobs have CloudWatch Logs encryption enabled."
 CHECK_SCORED_extra7120="NOT_SCORED"
-CHECK_TYPE_extra7120="EXTRA"
+CHECK_CIS_LEVEL_extra7120="EXTRA"
 CHECK_SEVERITY_extra7120="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7120="AwsGlue"
 CHECK_ALTERNATE_check7120="extra7120"
--- a/checks/check_extra7121
+++ b/checks/check_extra7121
@@ -14,7 +14,7 @@
 CHECK_ID_extra7121="7.121"
 CHECK_TITLE_extra7121="[extra7121] Check if Glue development endpoints have Job bookmark encryption enabled."
 CHECK_SCORED_extra7121="NOT_SCORED"
-CHECK_TYPE_extra7121="EXTRA"
+CHECK_CIS_LEVEL_extra7121="EXTRA"
 CHECK_SEVERITY_extra7121="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7121="AwsGlue"
 CHECK_ALTERNATE_check7121="extra7121"
--- a/checks/check_extra7122
+++ b/checks/check_extra7122
@@ -13,7 +13,7 @@
 CHECK_ID_extra7122="7.122"
 CHECK_TITLE_extra7122="[extra7122] Check if Glue ETL Jobs have Job bookmark encryption enabled."
 CHECK_SCORED_extra7122="NOT_SCORED"
-CHECK_TYPE_extra7122="EXTRA"
+CHECK_CIS_LEVEL_extra7122="EXTRA"
 CHECK_SEVERITY_extra7122="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7122="AwsGlue"
 CHECK_ALTERNATE_check7122="extra7122"
--- a/checks/check_extra7123
+++ b/checks/check_extra7123
@@ -13,7 +13,7 @@
 CHECK_ID_extra7123="7.123"
 CHECK_TITLE_extra7123="[extra7123] Check if IAM users have two active access keys"
 CHECK_SCORED_extra7123="NOT_SCORED"
-CHECK_TYPE_extra7123="EXTRA"
+CHECK_CIS_LEVEL_extra7123="EXTRA"
 CHECK_SEVERITY_extra7123="Medium"
 CHECK_ASFF_TYPE_extra7123="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_extra7123="AwsIamUser"
--- a/checks/check_extra7124
+++ b/checks/check_extra7124
@@ -13,7 +13,7 @@
 CHECK_ID_extra7124="7.124"
 CHECK_TITLE_extra7124="[extra7124] Check if EC2 instances are managed by Systems Manager."
 CHECK_SCORED_extra7124="NOT_SCORED"
-CHECK_TYPE_extra7124="EXTRA"
+CHECK_CIS_LEVEL_extra7124="EXTRA"
 CHECK_SEVERITY_extra7124="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7124="AwsEc2Instance"
 CHECK_ALTERNATE_check7124="extra7124"
--- a/checks/check_extra7125
+++ b/checks/check_extra7125
@@ -13,7 +13,7 @@
 CHECK_ID_extra7125="7.125"
 CHECK_TITLE_extra7125="[extra7125] Check if IAM users have Hardware MFA enabled."
 CHECK_SCORED_extra7125="NOT_SCORED"
-CHECK_TYPE_extra7125="EXTRA"
+CHECK_CIS_LEVEL_extra7125="EXTRA"
 CHECK_SEVERITY_extra7125="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7125="AwsIamUser"
 CHECK_ALTERNATE_check7125="extra7125"
--- a/checks/check_extra7126
+++ b/checks/check_extra7126
@@ -13,7 +13,7 @@
 CHECK_ID_extra7126="7.126"
 CHECK_TITLE_extra7126="[extra7126] Check if there are CMK KMS keys not used"
 CHECK_SCORED_extra7126="NOT_SCORED"
-CHECK_TYPE_extra7126="EXTRA"
+CHECK_CIS_LEVEL_extra7126="EXTRA"
 CHECK_SEVERITY_extra7126="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7126="AwsKmsKey"
 CHECK_ALTERNATE_check7126="extra7126"
--- a/checks/check_extra7127
+++ b/checks/check_extra7127
@@ -13,7 +13,7 @@
 CHECK_ID_extra7127="7.127"
 CHECK_TITLE_extra7127="[extra7127] Check if EC2 instances managed by Systems Manager are compliant with patching requirements"
 CHECK_SCORED_extra7127="NOT_SCORED"
-CHECK_TYPE_extra7127="EXTRA"
+CHECK_CIS_LEVEL_extra7127="EXTRA"
 CHECK_SEVERITY_extra7127="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7127="AwsEc2Instance"
 CHECK_ASFF_TYPE_extra7127="Software and Configuration Checks/ENS op.exp.4.aws.sys.1"
--- a/checks/check_extra7128
+++ b/checks/check_extra7128
@@ -13,7 +13,7 @@
 CHECK_ID_extra7128="7.128"
 CHECK_TITLE_extra7128="[extra7128] Check if DynamoDB table has encryption at rest enabled using CMK KMS"
 CHECK_SCORED_extra7128="NOT_SCORED"
-CHECK_TYPE_extra7128="EXTRA"
+CHECK_CIS_LEVEL_extra7128="EXTRA"
 CHECK_SEVERITY_extra7128="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7128="AwsDynamoDBTable"
 CHECK_ALTERNATE_check7128="extra7128"
--- a/checks/check_extra7129
+++ b/checks/check_extra7129
@@ -13,7 +13,7 @@
 CHECK_ID_extra7129="7.129"
 CHECK_TITLE_extra7129="[extra7129] Check if Application Load Balancer has a WAF ACL attached"
 CHECK_SCORED_extra7129="NOT_SCORED"
-CHECK_TYPE_extra7129="EXTRA"
+CHECK_CIS_LEVEL_extra7129="EXTRA"
 CHECK_SEVERITY_extra7129="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7129="AwsElasticLoadBalancingV2LoadBalancer"
 CHECK_ALTERNATE_check7129="extra7129"
@@ -24,49 +24,54 @@ CHECK_REMEDIATION_extra7129='Using the AWS Management Console open the AWS WAF c
 CHECK_DOC_extra7129='https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-associating-aws-resource.html'
 CHECK_CAF_EPIC_extra7129='Infrastructure Security'
 PARALLEL_REGIONS="50"
 extra7129(){
  for regx in $REGIONS; do
-    LIST_OF_ELBSV2=$($AWSCLI elbv2 describe-load-balancers $PROFILE_OPT --region $regx --query 'LoadBalancers[?Scheme == `internet-facing` && Type == `application`].[LoadBalancerName]' --output text)
+      # (
-    LIST_OF_WAFV2_WEBACL_ARN=$($AWSCLI wafv2 list-web-acls $PROFILE_OPT --region=$regx --scope=REGIONAL --query WebACLs[*].ARN --output text)
+        LIST_OF_ELBSV2=$($AWSCLI elbv2 describe-load-balancers $PROFILE_OPT --region $regx --query 'LoadBalancers[?Scheme == `internet-facing` && Type == `application`].[LoadBalancerName]' --output text)
-    LIST_OF_WAFV1_WEBACL_WEBACLID=$($AWSCLI waf-regional list-web-acls $PROFILE_OPT --region $regx --query WebACLs[*].[WebACLId] --output text)
+        LIST_OF_WAFV2_WEBACL_ARN=$($AWSCLI wafv2 list-web-acls $PROFILE_OPT --region=$regx --scope=REGIONAL --query WebACLs[*].ARN --output text)
        LIST_OF_WAFV1_WEBACL_WEBACLID=$($AWSCLI waf-regional list-web-acls $PROFILE_OPT --region $regx --query WebACLs[*].[WebACLId] --output text)
-    if [[ $LIST_OF_ELBSV2 ]]; then
+        if [[ $LIST_OF_ELBSV2 ]]; then
-      for alb in $LIST_OF_ELBSV2; do
+          for alb in $LIST_OF_ELBSV2; do
-        if [[ ${#LIST_OF_WAFV2_WEBACL_ARN[@]} -gt 0 || ${#LIST_OF_WAFV1_WEBACL_WEBACLID[@]} -gt 0 ]]; then
+            if [[ ${#LIST_OF_WAFV2_WEBACL_ARN[@]} -gt 0 || ${#LIST_OF_WAFV1_WEBACL_WEBACLID[@]} -gt 0 ]]; then
-          WAF_PROTECTED_ALBS=()
+              WAF_PROTECTED_ALBS=()
-          for wafaclarn in $LIST_OF_WAFV2_WEBACL_ARN; do
+              for wafaclarn in $LIST_OF_WAFV2_WEBACL_ARN; do
-            ALB_RESOURCES_IN_WEBACL=$($AWSCLI wafv2 list-resources-for-web-acl $PROFILE_OPT --web-acl-arn $wafaclarn --region=$regx --resource-type APPLICATION_LOAD_BALANCER --query ResourceArns --output text | xargs -n1 | awk -F'/' '{ print $3 }'| grep $alb)
+                ALB_RESOURCES_IN_WEBACL=$($AWSCLI wafv2 list-resources-for-web-acl $PROFILE_OPT --web-acl-arn $wafaclarn --region=$regx --resource-type APPLICATION_LOAD_BALANCER --query ResourceArns --output text | xargs -n1 | awk -F'/' '{ print $3 }'| grep $alb)
-            if [[ $ALB_RESOURCES_IN_WEBACL ]]; then
+                if [[ $ALB_RESOURCES_IN_WEBACL ]]; then
-              WAF_PROTECTED_ALBS+=($wafaclarn)
+                  WAF_PROTECTED_ALBS+=($wafaclarn)
                fi
              done
              for wafv1aclid in $LIST_OF_WAFV1_WEBACL_WEBACLID; do
                ALB_RESOURCES_IN_WEBACL=$($AWSCLI waf-regional list-resources-for-web-acl $PROFILE_OPT --web-acl-id $wafv1aclid --region=$regx --resource-type APPLICATION_LOAD_BALANCER --output text --query "[ResourceArns]"| grep $alb)
                if [[ $ALB_RESOURCES_IN_WEBACL ]]; then
                  WAFv1_PROTECTED_ALBS+=($wafv1aclid)
                fi
              done
              if [[ ${#WAF_PROTECTED_ALBS[@]} -gt 0 || ${#WAFv1_PROTECTED_ALBS[@]} -gt 0 ]]; then
                if [[ ${#WAF_PROTECTED_ALBS[@]} -gt 0 ]]; then
                  for wafaclarn in "${WAF_PROTECTED_ALBS[@]}"; do
                    WAFV2_WEBACL_ARN_SHORT=$(echo $wafaclarn |  awk -F'/' '{ print $3 }')
                    textPass "$regx: Application Load Balancer $alb is protected by WAFv2 ACL $WAFV2_WEBACL_ARN_SHORT" "$regx" "$alb"
                  done
                fi
                if [[ ${#WAFv1_PROTECTED_ALBS[@]} -gt 0 ]]; then
                  for wafv1aclid in "${WAFv1_PROTECTED_ALBS[@]}"; do
                    textPass "$regx: Application Load Balancer $alb is protected by WAFv1 ACL $wafv1aclid" "$regx" "$alb"
                  done
                fi
              else
                textFail "$regx: Application Load Balancer $alb is not protected by WAF ACL" "$regx" "$alb"
              fi
            else
              textFail "$regx: Application Load Balancer $alb is not protected no WAF ACL found" "$regx" "$alb"
            fi
          done
          for wafv1aclid in $LIST_OF_WAFV1_WEBACL_WEBACLID; do
            ALB_RESOURCES_IN_WEBACL=$($AWSCLI waf-regional list-resources-for-web-acl $PROFILE_OPT --web-acl-id $wafv1aclid --region=$regx --resource-type APPLICATION_LOAD_BALANCER --output text --query "[ResourceArns]"| grep $alb)
            if [[ $ALB_RESOURCES_IN_WEBACL ]]; then
              WAFv1_PROTECTED_ALBS+=($wafv1aclid)
            fi
          done
          if [[ ${#WAF_PROTECTED_ALBS[@]} -gt 0 || ${#WAFv1_PROTECTED_ALBS[@]} -gt 0 ]]; then
            if [[ ${#WAF_PROTECTED_ALBS[@]} -gt 0 ]]; then
              for wafaclarn in "${WAF_PROTECTED_ALBS[@]}"; do
                WAFV2_WEBACL_ARN_SHORT=$(echo $wafaclarn |  awk -F'/' '{ print $3 }')
                textPass "$regx: Application Load Balancer $alb is protected by WAFv2 ACL $WAFV2_WEBACL_ARN_SHORT" "$regx" "$alb"
              done
            fi
            if [[ ${#WAFv1_PROTECTED_ALBS[@]} -gt 0 ]]; then
              for wafv1aclid in "${WAFv1_PROTECTED_ALBS[@]}"; do
                textPass "$regx: Application Load Balancer $alb is protected by WAFv1 ACL $wafv1aclid" "$regx" "$alb"
              done
            fi
          else
            textFail "$regx: Application Load Balancer $alb is not protected by WAF ACL" "$regx" "$alb"
          fi
        else
-          textFail "$regx: Application Load Balancer $alb is not protected no WAF ACL found" "$regx" "$alb"
+          textInfo "$regx: No Application Load Balancers found" "$regx"
        fi
-      done
+    # ) & 
    else
      textInfo "$regx: No Application Load Balancers found" "$regx"
    fi
  done
  # wait
 }
--- a/checks/check_extra713
+++ b/checks/check_extra713
@@ -13,7 +13,7 @@
 CHECK_ID_extra713="7.13"
 CHECK_TITLE_extra713="[extra713] Check if GuardDuty is enabled"
 CHECK_SCORED_extra713="NOT_SCORED"
-CHECK_TYPE_extra713="EXTRA"
+CHECK_CIS_LEVEL_extra713="EXTRA"
 CHECK_SEVERITY_extra713="High"
 CHECK_ALTERNATE_check713="extra713"
 CHECK_ASFF_COMPLIANCE_TYPE_extra713="ens-op.mon.1.aws.duty.1"
--- a/checks/check_extra7130
+++ b/checks/check_extra7130
@@ -14,7 +14,7 @@
 CHECK_ID_extra7130="7.130"
 CHECK_TITLE_extra7130="[extra7130] Ensure there are no SNS Topics unencrypted"
 CHECK_SCORED_extra7130="NOT_SCORED"
-CHECK_TYPE_extra7130="EXTRA"
+CHECK_CIS_LEVEL_extra7130="EXTRA"
 CHECK_SEVERITY_extra7130="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7130="AwsSnsTopic"
 CHECK_ALTERNATE_check7130="extra7130"
--- a/checks/check_extra7131
+++ b/checks/check_extra7131
@@ -13,7 +13,7 @@
 CHECK_ID_extra7131="7.131"
 CHECK_TITLE_extra7131="[extra7131] Ensure RDS instances have minor version upgrade enabled"
 CHECK_SCORED_extra7131="NOT_SCORED"
-CHECK_TYPE_extra7131="EXTRA"
+CHECK_CIS_LEVEL_extra7131="EXTRA"
 CHECK_SEVERITY_extra7131="Low"
 CHECK_ASFF_RESOURCE_TYPE_extra7131="AwsRdsDbInstance"
 CHECK_ALTERNATE_check7131="extra7131"
--- a/checks/check_extra7132
+++ b/checks/check_extra7132
@@ -13,7 +13,7 @@
 CHECK_ID_extra7132="7.132"
 CHECK_TITLE_extra7132="[extra7132] Check if RDS instances has enhanced monitoring enabled"
 CHECK_SCORED_extra7132="NOT_SCORED"
-CHECK_TYPE_extra7132="EXTRA"
+CHECK_CIS_LEVEL_extra7132="EXTRA"
 CHECK_SEVERITY_extra7132="Low"
 CHECK_ASFF_RESOURCE_TYPE_extra7132="AwsRdsDbInstance"
 CHECK_ALTERNATE_check7132="extra7132"
--- a/checks/check_extra7133
+++ b/checks/check_extra7133
@@ -13,7 +13,7 @@
 CHECK_ID_extra7133="7.133"
 CHECK_TITLE_extra7133="[extra7133] Check if RDS instances have multi-AZ enabled"
 CHECK_SCORED_extra7133="NOT_SCORED"
-CHECK_TYPE_extra7133="EXTRA"
+CHECK_CIS_LEVEL_extra7133="EXTRA"
 CHECK_SEVERITY_extra7133="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7133="AwsRdsDbInstance"
 CHECK_ALTERNATE_check7133="extra7133"
--- a/checks/check_extra7134
+++ b/checks/check_extra7134
@@ -13,7 +13,7 @@
 CHECK_ID_extra7134="7.134"
 CHECK_TITLE_extra7134="[extra7134] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to FTP ports 20 or 21 "
 CHECK_SCORED_extra7134="NOT_SCORED"
-CHECK_TYPE_extra7134="EXTRA"
+CHECK_CIS_LEVEL_extra7134="EXTRA"
 CHECK_SEVERITY_extra7134="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7134="AwsEc2SecurityGroup"
 CHECK_ALTERNATE_check7134="extra7134"
--- a/checks/check_extra7135
+++ b/checks/check_extra7135
@@ -13,7 +13,7 @@
 CHECK_ID_extra7135="7.135"
 CHECK_TITLE_extra7135="[extra7135] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to Kafka port 9092 "
 CHECK_SCORED_extra7135="NOT_SCORED"
-CHECK_TYPE_extra7135="EXTRA"
+CHECK_CIS_LEVEL_extra7135="EXTRA"
 CHECK_SEVERITY_extra7135="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7135="AwsEc2SecurityGroup"
 CHECK_ALTERNATE_check7135="extra7135"
--- a/checks/check_extra7136
+++ b/checks/check_extra7136
@@ -13,7 +13,7 @@
 CHECK_ID_extra7136="7.136"
 CHECK_TITLE_extra7136="[extra7136] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to Telnet port 23 "
 CHECK_SCORED_extra7136="NOT_SCORED"
-CHECK_TYPE_extra7136="EXTRA"
+CHECK_CIS_LEVEL_extra7136="EXTRA"
 CHECK_SEVERITY_extra7136="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7136="AwsEc2SecurityGroup"
 CHECK_ALTERNATE_check7136="extra7136"
--- a/checks/check_extra7137
+++ b/checks/check_extra7137
@@ -13,7 +13,7 @@
 CHECK_ID_extra7137="7.137"
 CHECK_TITLE_extra7137="[extra7137] Ensure no security groups allow ingress from 0.0.0.0/0 or ::/0 to Windows SQL Server ports 1433 or 1434 "
 CHECK_SCORED_extra7137="NOT_SCORED"
-CHECK_TYPE_extra7137="EXTRA"
+CHECK_CIS_LEVEL_extra7137="EXTRA"
 CHECK_SEVERITY_extra7137="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7137="AwsEc2SecurityGroup"
 CHECK_ALTERNATE_check7137="extra7137"
--- a/checks/check_extra7138
+++ b/checks/check_extra7138
@@ -13,7 +13,7 @@
 CHECK_ID_extra7138="7.138"
 CHECK_TITLE_extra7138="[extra7138] Ensure no Network ACLs allow ingress from 0.0.0.0/0 to any port"
 CHECK_SCORED_extra7138="NOT SCORED"
-CHECK_TYPE_extra7138="LEVEL2"
+CHECK_CIS_LEVEL_extra7138="LEVEL2"
 CHECK_SEVERITY_extra7138="High"
 CHECK_ASFF_TYPE_extra7138="Software and Configuration Checks/Industry and Regulatory Standards/CIS AWS Foundations Benchmark"
 CHECK_ASFF_RESOURCE_TYPE_extra7138="AwsEc2NetworkAcl"
--- a/checks/check_extra7139
+++ b/checks/check_extra7139
@@ -12,7 +12,7 @@
 CHECK_ID_extra7139="7.139"
 CHECK_TITLE_extra7139="[extra7139] There are High severity GuardDuty findings "
 CHECK_SCORED_extra7139="NOT_SCORED"
-CHECK_TYPE_extra7139="EXTRA"
+CHECK_CIS_LEVEL_extra7139="EXTRA"
 CHECK_SEVERITY_extra7139="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7139="AwsGuardDutyDetector"
 CHECK_ALTERNATE_check7139="extra7139"
--- a/checks/check_extra714
+++ b/checks/check_extra714
@@ -13,7 +13,7 @@
 CHECK_ID_extra714="7.14"
 CHECK_TITLE_extra714="[extra714] Check if CloudFront distributions have logging enabled"
 CHECK_SCORED_extra714="NOT_SCORED"
-CHECK_TYPE_extra714="EXTRA"
+CHECK_CIS_LEVEL_extra714="EXTRA"
 CHECK_SEVERITY_extra714="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra714="AwsCloudFrontDistribution"
 CHECK_ALTERNATE_check714="extra714"
--- a/checks/check_extra7140
+++ b/checks/check_extra7140
@@ -12,7 +12,7 @@
 CHECK_ID_extra7140="7.140"
 CHECK_TITLE_extra7140="[extra7140] Check if there are SSM Documents set as public"
 CHECK_SCORED_extra7140="NOT_SCORED"
-CHECK_TYPE_extra7140="EXTRA"
+CHECK_CIS_LEVEL_extra7140="EXTRA"
 CHECK_SEVERITY_extra7140="High"
 CHECK_ASFF_RESOURCE_TYPE_extra7140="AwsSsmDocument"
 CHECK_ALTERNATE_check7140="extra7140"
--- a/checks/check_extra7141
+++ b/checks/check_extra7141
@@ -13,7 +13,7 @@
 CHECK_ID_extra7141="7.141"
 CHECK_TITLE_extra7141="[extra7141] Find secrets in SSM Documents"
 CHECK_SCORED_extra7141="NOT_SCORED"
-CHECK_TYPE_extra7141="EXTRA"
+CHECK_CIS_LEVEL_extra7141="EXTRA"
 CHECK_SEVERITY_extra7141="Critical"
 CHECK_ASFF_RESOURCE_TYPE_extra7141="AwsSsmDocument"
 CHECK_ALTERNATE_check7141="extra7141"
--- a/checks/check_extra7142
+++ b/checks/check_extra7142
@@ -13,7 +13,7 @@
 CHECK_ID_extra7142="7.142"
 CHECK_TITLE_extra7142="[extra7142] Check if Application Load Balancer is dropping invalid packets to prevent header based HTTP request smuggling"
 CHECK_SCORED_extra7142="NOT_SCORED"
-CHECK_TYPE_extra7142="EXTRA"
+CHECK_CIS_LEVEL_extra7142="EXTRA"
 CHECK_SEVERITY_extra7142="Medium"
 CHECK_ASFF_RESOURCE_TYPE_extra7142="AwsElasticLoadBalancingV2LoadBalancer"
 CHECK_ALTERNATE_check7142="extra7142"
--- a/Show More
+++ b/Show More