As of right now, I don't believe there's an easy way of knowing what Config rule maps to which CIS rule. This makes it a little bit difficult knowing what rules are being checked and which aren't. Furthermore, the CIS benchmark goes through versions and rules get updated. The packs also don't indicate which CIS version they met. It would also be nice if there was some indication as to which rule and benchmark version each of the Config rules are in compliance with.
For example, this rule states that the root user should have MFA enabled. That rule maps to the 1.13 rule of the v1.2.0 benchmark, but there's no easy way of knowing this just by looking at the Config rule.
As of right now, I don't believe there's an easy way of knowing what Config rule maps to which CIS rule. This makes it a little bit difficult knowing what rules are being checked and which aren't. Furthermore, the CIS benchmark goes through versions and rules get updated. The packs also don't indicate which CIS version they met. It would also be nice if there was some indication as to which rule and benchmark version each of the Config rules are in compliance with.
For example, this rule states that the root user should have MFA enabled. That rule maps to the 1.13 rule of the v1.2.0 benchmark, but there's no easy way of knowing this just by looking at the Config rule.
https://github.com/awslabs/aws-config-rules/blob/master/aws-config-conformance-packs/Operational-Best-Practices-for-CIS-Top20.yaml#L755-L761