Suppressing Compliance Findings


Suppressing Compliance Findings

A compliance finding identifies a cloud resource that is non-compliant with an assigned compliance check. Suppressed findings are excluded from future scans, altering your compliance score and notifications. Findings can be suppressed for a specific time frame or indefinitely.

For example, you may have a check that looks for public S3 buckets, but you might suppress findings for a specific bucket because it contains data that is designed for public consumption.

Directly suppressing a finding requires ownership of the OU/project where it was found. If you do not have the required permissions, you can request suppression. For more information, see Requesting Compliance Finding Suppression.

Suppressing a Compliance Finding

  1. Navigate to Compliance > Overview.
  2. On the Active Findings card, click View All. You can also choose to view findings by OU, project, or account.
  3. Click the ellipsis menu next to the finding you want to suppress and select Suppress. If this is not an option, you may not have the necessary permissions for this action.
  4. (Optional) Enter a comment describing why the finding is being suppressed.
  5. (Optional) Configure a Suppression Timeout time frame. Once the time frame elapses, the finding will start showing in compliance scan results again if it has not been addressed.
  6. Click OK.