Compliance Settings


Compliance Settings

Settings > System Settings > Application Settings > Compliance

Severity Weights

Customize the weight given to compliance severity levels for determining your compliance score. Adjusting severity weights helps Kion create a compliance score that is accurate to your unique compliance goals and chosen industry metrics.

Compliance scores are values that indicate the total weight of all findings for non-compliant checks. This gives you a quick way to evaluate which resources most urgently need your attention to restore compliance. A lower score is better, and a score of 0 means no compliance issues.

When setting severity weights, their values must be between 0 – 100, with critical being the highest and informational being the lowest. If a severity rating is set to 0, findings with that severity rating will not impact your compliance score.

For more information about compliance scores, see Compliance Score.

POST Token Life

Customize the POST token life for compliance webhooks. This sets the amount of time allowed to execute your Cloud Custodian compliance policies.

If you have compliance scans that take longer than an hour to run, a token set to one hour would expire before the scan completes, and the results wouldn't successfully POST within the API. This means that any compliance issues in that scan wouldn't be registered and the findings wouldn't appear in your compliance overview. To ensure these long-running scans are captured, you can increase the compliance POST token life to a maximum value of four hours.

The default value for the compliance token life is one hour, which is sufficient for most setups and follows best practices by limiting the token life.