ControlMonkey is proud to announce that we’ve achieved the AWS Generative AI Competency, a recognition awarded to partners who demonstrate deep expertise and proven customer success in building Generative AI–powered solutions on AWS.

This achievement underscores our commitment to innovation, automation, and intelligent cloud management, helping DevOps and platform teams accelerate their cloud journey with AI-driven insights and automation.

What is the AWS GenAI Software Competency?

The AWS GenAI Competency recognizes partners who deliver exceptional Generative AI solutions on AWS.
It validates that ControlMonkey meets AWS’s highest standards for technical proficiency, customer success, and innovation in applying GenAI to real-world challenges.

This achievement also highlights ControlMonkey expertise in leveraging Amazon Bedrock, AWS’s fully managed foundation model service, to build and scale GenAI-powered automation and governance solutions.

This means that when you work with ControlMonkey, you’re partnering with an AWS-validated GenAI Platform – combining the best of AI innovation with proven cloud automation excellence.

Meet Komo AI – The IaC Copilot for Cloud Teams

We’ve recently launched Komo AI, our new AI-powered Infrastructure as Code Agent — designed to transform how teams automate and govern their cloud environments.

Komo AI brings intelligence, speed, and accuracy to every stage of your infrastructure lifecycle:

Key Capabilities

• AI-assisted IaC generation & refactoring – Instantly convert existing cloud resources into Terraform.
  
• Policy & compliance validation – Detect issues and enforce best practices before deployment.
  
• Change impact insights – Understand dependencies and prevent configuration drift before it happens.

What’s Next

The launch of Komo AI is just the beginning.
We’re continuing to expand our GenAI-powered capabilities to help organizations achieve smarter, faster, and more secure cloud operations.

👉 Learn more and see KoMo AI in action

👉 Find us on the AWS Marketplace – AI Agents

Curious to learn how automation and governance can be elevated with IaC and AI?

Book an intro meeting to discover how ControlMonkey helps teams reduce risk, enforce compliance, and eliminate IaC blind spots.

With customers like Rapyd, Coralogix, and ReasonLabs already benefiting from compliance visibility, ControlMonkey is raising the bar for proactive cloud governance.

For teams managing their Terraform, OpenTofu, or Terragrunt environments, compliance is often a moving target. The new Cloud Compliance Dashboard in ControlMonkey delivers a unified, drill-down view into your compliance posture across AWS, Azure, and GCP helping you identify gaps before they turn into risks.

Introducing Cloud Compliance Dashboarding

The Compliance Dashboard gives DevOps and Cloud managers the ability to select relevant standards, track consolidated scores, and drill down into failed controls and resources.

Supported frameworks include:

• CIS Benchmarks (2.0, 2.1, 3.0)
• PCI DSS 4.0
• HIPAA Security Rule
• MITRE ATT&CK
• ENS_RD2022 (Spanish National Security Framework)
• DORA Regulation
• And more – Full List below

Teams can move from high-level compliance scores down to specific failed checks, pinpoint which resources triggered non-compliance (for example, an exposed EC2 instance), and shift compliance from reactive audits to proactive prevention.

Stay Ahead with Cloud Governance and Infrastructure Control

The dashboard provides decision-makers with measurable clarity. I Teams can continuously check compliance instead of just reacting to audit findings. They can enforce IaC policies on a large scale and strengthen infrastructure pipelines. This means:

• Improved visibility into your compliance score
• Reduced risk with drill-down checks at the resource level
• IaC alignment through proactive enforcement
• Scalable governance across multi-cloud environments

“When teams gain full visibility and proactive compliance controls, they stop reacting to problems and start preventing them. That’s how you consistently raise your compliance score.” said Ori Yemini, CTO, ControlMonkey

Customer Perspectives

2 of Control monkey customers already enjoying full IaC coverage visibility:

More IaC coverage means fewer security issues — period. What stood out with ControlMonkey was how easy it became to do things the right, modern way. When infrastructure and security teams can finally collaborate by design, that’s when security actually works

Nir Rothenberg

CISO

As a company that manages huge clusters of AWS resources, the ControlMonkey Platform and specifically its GitOps pipeline capabilities is an integral part of our infrastructure deployment process, enabling us to shift left our infrastructure policies, best practices, and guardrails to make sure our production environment is stable, compliant and secure

Yoni Farin

Coralogix

See it for yourself

Join our next Product Showdown to experience the Cloud Compliance Dashboard in action.

Supported Frameworks include:

Find below full list of framework support by cloud provider:

AWS

• CISA
• SOC 2
• CIS Benchmarks (1.4, 1.5, 2.0, 3.0, 4.0.1, 5.0)
• MITRE ATT&CK
• GDPR
• AWS Foundational Security Best Practices
• ISO/IEC 27001:2013 & 2022
• KISA ISMS-P 2023 (incl. Korean version)
• HIPAA Security Rule
• GxP 21 CFR Part 11
• GxP EU Annex 11
• NIST 800-171 Rev 2
• NIST 800-53 Rev 4 & Rev 5
• PCI DSS 4.0 & PCI DSS 3.2.1
• AWS Well-Architected Framework (Security & Reliability Pillars)
• AWS Account Security Onboarding
• AWS Foundational Technical Review
• AWS Audit Manager Control Tower Guardrails
• NIST Cybersecurity Framework (CSF) 1.1
• ENS_RD2022
• RBI Cyber Security Framework
• FFIEC Cybersecurity Assessment
• FedRAMP (Low & Moderate, Rev 4)
• NIS2 Directive

Azure

• PCI DSS 4.0
• SOC 2
• ISO/IEC 27001:2022
• CIS Benchmarks (2.0, 2.1, 3.0, 4.0)
• ENS_RD2022
• MITRE ATT&CK
• NIS2 Directive

GCP

• MITRE ATT&CK
• SOC 2
• CIS Benchmarks (2.0, 3.0, 4.0)
• ENS_RD2022
• PCI DSS 4.0
• ISO/IEC 27001:2022
• NIS2 Directive

We’re excited to share that we has achieved the AWS Financial Services Competency!
This milestone marks another key step in our partnership with AWS and highlights our ability to support highly regulated cloud environments with secure, resilient, and compliant IaC automation.

ControlMonkey already holds the AWS DevOps and Cloud Operations Software Competencies. Earning the Financial Services Competency demonstrates our growing commitment to this partnership and our mission to help financial institutions scale safely in the cloud.

Among our FinServ customers: Block, Rapyd, Nuvei, Invenco, Keyrock and many more

What is the AWS Financial Services Competency?

This designation is awarded to AWS Partners with proven success in helping financial services organizations meet core operational, compliance, and security requirements. It validates ControlMonkey’s ability to support initiatives tied to:

• Regulatory frameworks like DORA, PCI DSS, SOX, and more
• Operational resilience and business continuity
• Infrastructure governance and risk mitigation

Why Financial Services Teams Choose ControlMonkey

ControlMonkey helps financial institutions simplify infrastructure compliance and maintain resilience, even at scale:

• Built-in resilience: Full backup and recovery of your entire cloud configuration for instant disaster recovery
• Compliance enforcement: Enforce guardrails and IaC policies automatically across all infrastructure changes
• Drift & ClickOps remediation: Detect and auto-fix unauthorized changes across multi-account environments
• Cloud visibility at scale: Cross-account inventory and governance insights from code to cloud
• Trusted by top FSI customers: Including Block, Rapyd, Nuvei, Keyrock, and Invenco

ControlMonkey’s Latest FSI Activities with AWS

• Resilience in the cloud:our latest Webinar with AWS & Block – case study and industry talk.
• “This is My offer ” by aws  with  spotlight on ControlMonkey
• ControlMonkey FinServ Datasheet

Total Cloud Control – Purpose-Built for Financial Services

We’re proud to be recognized by AWS as a trusted partner for financial services. This competency validates our platform’s ability to help FSI teams stay compliant, recover quickly, and scale confidently – all while maintaining full control of their Terraform infrastructure.

curious to learn more about FinServ and Terraform scaling?

Book an intro meeting to see how ControlMonkey helps FSI teams reduce risk, enforce compliance, and eliminate IaC blind spots.

ControlMonkey now supports the AWS FSBP (Foundational Security Best Practices) policy package, giving cloud teams a fast path to enforce this compliance package across cloud infrastructure.
As modern cloud teams shift from a reactive to a proactive approach to security, the most logical step is to start enforcing policies at the Infrastructure as Code (IaC) level — treating risks at the source.

Introducing the AWS “Foundational Security Best Practices” Package

ControlMonkey’s latest compliance pack brings full support for the AWS Foundational Security Best Practices standard — curated by AWS to help teams strengthen cloud security posture.

• Apply AWS FSBP instantly across stacks, namespaces, or environments
  • Based on the AWS Security Hub standard for foundational security best practices
• Enforce security guardrails developed by AWS, without custom code
• Catch violations proactively before they reach production
• Get alerts on violations in your existing code with periodic scans of your IaC
• Combine with CIS, NIST, and PCI DSS for comprehensive governance

Stay Ahead with Cloud Governance and Infrastructure Control

The new package is another addition to ControlMonkey’s standard security bundles, alongside frameworks like CIS, PCI-DSS, NIST, and others – relieving cloud teams from the undifferentiated work of writing and maintaining policies

With ControlMonkey’s AWS FSBP Policy Package, you can:

• Identify misconfigurations and gaps in AWS security posture
• Prevent non-compliant infrastructure changes before they’re applied
• Enforce AWS Foundational Security Best Practices by default
• Apply consistent policy controls across IaC-managed AWS resources
• Eliminate manual checks and reduce operational overhead

Ready to enforce AWS FSBP the easy way?

Explore the AWS FSBP Policy Package in ControlMonkey today.

We’re excited to share that ControlMonkey has officially earned the “Deployed on AWS” status through AWS Marketplace. This shows our strong partnership with AWS. Additionally, highlights our commitment to providing scalable, secure, and production-ready solutions for DevOps teams around the world.

What Is “Deployed on AWS”?

The “Deployed on AWS” badge is a special mark from AWS. It is given to software solutions that are fully hosted on AWS. Our solutions have been checked by AWS for production use.

Starting May 1, 2025, this designation will be required for AWS PPA (Private Pricing Agreement) drawdown eligibility. This means only products with this badge can count toward PPA commitment retirements.

For ControlMonkey Marketplace Placement 

Why Customers Prefer to Buy ControlMonkey Through AWS Marketplace

In fact, ControlMonkey has been Marketplace-first since day one. We see the strategic and financial value it offers our customers

• ✅ PPA commitment drawdown – Retire AWS commitments by purchasing ControlMonkey through the MP
• ✅ Streamlined procurement – Work within existing AWS procurement workflows
• ✅ Consolidated billing – One invoice with AWS net terms, including other ISV purchases
• ✅ AWS-approved terms – No need for lengthy legal or security reviews
• ✅ Security & trust – Built and hosted fully on AWS with verified Marketplace listing
• ✅ Faster onboarding – Minimize friction and go live faster

ControlMonkey meets the new AWS-hosting requirements. We earned the “Deployed on AWS” badge. This effect helps our customers enjoy the full benefits of PPA spend retirements when they buy through AWS Marketplace.

Want to Learn More?

Schedule a quick call with our team. We can show you how ControlMonkey can improve your Terraform work and make the most of your AWS investment.

👉 let’s get time together to review all possibilities 

👉 more about AWS and ControlMonkey partnership

ControlMonkey now offers a unified Cloud Inventory view. With our latest update, users can search and visualize resources across all cloud providers- AWS, Azure, and GCP in a single dashboard. Whether you’re managing a global architecture or multiple cloud accounts, ControlMonkey brings total Cross Cloud Visibility and control to your fingertips.

Introducing Cross-Cloud Visibility in Cloud Inventory 

With multi-cloud inventory search, ControlMonkey users can now:

• Search and find any resource: like Queues, Load Balancers, or Buckets – across clouds and accounts in seconds
• Instantly spot IaC coverage gaps, including unmanaged resources by cloud, region, and state
• Drill down to any asset and see if it’s managed by IaC, where it the code in your version control system that manages that asset, and by which ControlMonkey stack

Stay Ahead with Cross-Cloud Visibility and Governance

As cloud environments grow in complexity, visibility becomes non-negotiable. ControlMonkey’s new Cloud Inventory ensures DevOps and CloudOps teams can confidently track and govern resources across regions, vendors, and IaC states — Get time with us today!

We’re excited to share that ControlMonkey has achieved the AWS Cloud Operations Software Competency. Another milestone that shows our commitment to delivering scalable IaC automation and cloud governance solutions for cloud teams.
ControlMonkey already has the AWS DevOps Software Competency. Earning a second competency shows our strong commitment to this partnership. It also supports our mission to provide innovative solutions for our customers.

What is the AWS Cloud Operations Software Competency?

This designation is awarded to software providers who have demonstrated proven customer success and technical expertise in delivering solutions that support operational excellence across five key areas:

1. Cloud Governance
2. Cloud Financial Management
3. Monitoring and Observability
4. Compliance and Auditing
5. Operations Management

ControlMonkey’s inclusion in this Competency validates our ability to help customers manage and scale their large-scale cloud environments with confidence.

Why It Matters

As cloud complexity grows, teams face challenges around visibility, compliance, and operational efficiency. ControlMonkey addresses these issues with our fully end-to-end Terraform Automation platform that brings order to cloud complexity.

“ControlMonkey automates Terraform workflows with built-in guardrails—so teams can scale fast without sacrificing governance and control,” said Ori Yemini, CTO of ControlMonkey.

Total Cloud Control — Validated by AWS

We’re proud to be recognized by AWS as a trusted software partner. With this competency, ControlMonkey continues to raise the bar for IaC governance and operational excellence in the cloud.

Want to learn more about Terraform and AWS?

Book an intro meeting to see how ControlMonkey and AWS can power your cloud operations strategy

As part of our continuous Enterprise-ready support and in response to our customers’ growing needs, we are happy to announce a massive upgrade to our Onboarding process.
Starting today, ControlMonkey users can Connect an AWS organization with dozens or hundreds of accounts to ControlMonkey with a few clicks.

Instead of onboarding each account individually, which was very time-consuming, Connect an AWS Organization allows you to onboard hundreds of accounts in a few clicks, streamlining the onboarding process.

This capability leverages CloudFormation’s StackSet feature.

The StackSet in your parent (organization) account will generate an IAM Role and IAM Policy (which enable the connection to the ControlMonkey platform) in the organizational units and accounts you choose to opt-in.

With Connect an AWS Organization, ControlMonkey customers with dozens or even hundreds of AWS accounts can shorten the onboarding by 90%, saving precious engineering time and gaining a faster time to value.

Once the entire organization is connected, customers gain a complete cloud inventory of their AWS footprint in minutes!

Our Terraform experts are ready to hop on a 30-minute call  and help you solve your Day 2 challenges.

Today, ControlMonkey is pleased to announce that we have added the capability to easily import AWS Identity Center resources to Terraform/OpenTofu Code using our Terraform Import Engine.

AWS Identity Center is a service that provides centralized management of access to multiple AWS accounts and applications. It enables organizations to manage user identities and permissions efficiently, allowing users to sign in to their AWS accounts and applications with a single set of credentials

Provisioning Identity Stores resources with Terraform/OpenTofu provides a consistent, version-controlled, simplified, and automated way to manage AWS Accounts permissions and RBAC and reduces the overall risk of manual misconfigurations.

ControlMonkey now supports the one-click Terraform/OpenTofu Import of the following Identity Store resources:

IdentityStore::User (aws_identitystore_user)
IdentityStore::Group (aws_identitystore_group)
IdentityStore::GroupMembership (aws_identitystore_group_membership)
SSO:Assignment(aws_ssoadmin_account_assignment)
SSO:PermissionSet(aws_ssoadmin_permission_set)

Are you using Identity Center and have resources you would like to shift to Terraform?
Feel free to book an intro meeting to learn more about how ControlMonkey generates the Terraform/OpenTofu code that represents your Identity Center configuration, making the shift to Terraform as seamless as possible.

Today, we are pleased to announce the release of ‘Remote Plan from Local Machine,’ the latest enhancement to our Terraform CI/CD engine.

How do your cloud engineers properly test their Terraform code changes before committing to Git and getting feedback without running a PR?
There are a few challenges there:

• The Secrets and variables their code requires are unavailable on their local machine and shouldn’t be for security reasons.
• They don’t have the organization’s guardrails and policies to test their local code.

Up until now, users had to commit the code, create a PR, and then get the needed feedback from their centralized Terraform pipeline. This process, of course, slowed down the pace of development and created a lot of “waiting time” between each code update and PR inspection.

Today, we’re happy to announce our “Remote Plan from Local Machine” capability, where cloud engineers can test their Terraform Code changes locally without initiating a full PR and pushing the GIT code.

Remote Plan enables you to run your ‘Terraform plan’ locally by triggering a plan simulation remotely on ControlMonkey and getting feedback on the plan’s output.

The integration is pretty easy. All you have to do is run the ‘terraform login api.controlmonkey.io’ command:

And then you can work as you’re used to, running ‘terraform plan’ commands on your local machine:

It uses your local Terraform files but actually runs it remotely in ControlMonkey, using the shared state and your environment’s variables and secrets. Every Remote Plan triggers a Plan in ControlMonkey, so you will have the full audit also on the ControlMonkey console:

By running a remote plan, your engineers can build faster and test their changes locally before committing to them.

Are you managing Terraform at scale?
Our Experts are available for a quick call so you can learn more about the future of Terraform Automation and how it can benefit your team.