Viewing Compliance Checks

Follow

Compliance Check Details

Viewing the details pages for a compliance check gives you a focused view of compliance metrics based on that check.

The different tabs on the details page offer ways to view compliance around the selected check from various angles. Depending on the check, it might be more helpful to view individual findings, the state of standards including the check, or specific projects or accounts where the check is applied. All of these options are available from the check details page.

To view compliance check details:

  1. Navigate to Compliance > All Compliance Checks.
  2. Click the compliance check you would like to view.

Compliance Check Status

A check is considered compliant if it has been scanned recently, has no active findings, and is not suspended anywhere.

A check is considered non-compliant if it has at least one active finding. Non-compliant checks can also have states of current, pending, or suspended.

  • A current, non-compliant check has been scanned recently and has at least one active finding. This is the default state of non-compliant checks and is not specifically marked with a badge in the Kion console.
  • A pending check has not be scanned recently or has never been scanned. In this case, the check is considered non-compliant, because we don't have recent data on it. This can result from a connection issue, the check may be in the queue, or it may be because the check is new and simply hasn't been run yet.
  • A suspended check has failed in at least one account/region 3 times. Checks that are suspended are no longer scanned until a remediation action is taken.

A check is considered inactive if it is not included in any compliance standards. Compliance checks are applied to resources by compliance standards. For more information, see Applying Compliance Checks and Standards.

Overview Tab

This is an overview of this compliance check. Here you can see the check's status, severity, creation details, type, frequency, findings, and activity.

Click View Policy to view the check's policy. This is view-only.

The compliance check summary shows active findings by severity and the resources that triggered them.

The activity feed lists events involving the compliance check.

Findings Tab

The Findings tab provides a list of findings for the check across all resources. Select the tabs at the top to switch between active, suppressed, and archived findings. For more information, see What is a Finding?

Hovering over a finding reveals an ellipsis menu with the options:

  • Cloud access. Use a cloud access role to quickly access the cloud account where this finding occurred. For more information, see What is a Cloud Access Role?
  • Archive. Archive the finding. Archived findings are marked as remediated.
  • Suppress. Suppress the finding. Suppressed findings are excluded from future scans. For example, you might suppress a finding for a public S3 bucket if it should be public, because it contains data that is designed for public consumption.
  • View metadata. View metadata for the finding. Metadata is information that is not typically captured by Kion. If this option is not displayed, there is no metadata. For information about including metadata in your policies, see Writing Cloud Custodian Compliance Policies.

Compliance Standards Tab

The Compliance Standards tab shows information about standards that include this check. For more information, see What is a Compliance Standard?

This list can be filtered by compliant and non-compliant states to quickly locate problem accounts.

The ellipsis menu next to each standard includes the options:

  • Rescan all checks. Immediately runs all checks in the standard again.
  • View standard details page. Takes you to the standard's details page. For more information, see Compliance Standard Details.
  • View findings. Brings up a list of findings for the selected standard. For more information, see What is a Finding?
  • Edit standard. Allows you to edit standard details, owners, and included checks. For more information, see Managing Compliance Standards.

The findings badges on this page are color coded to indicate the highest level of severity recorded for the standard. Keep in mind that the color on the findings badge reflects the highest level severity recorded, not the count of findings at that severity level. For example, if you see the following badge, it means there are 62 active findings and at least one of the findings is high severity. It does not mean there are 62 high severity findings.

Projects Tab

The Projects tab includes information about projects where this check is applied, including the project name, the number of active and suppressed findings, and when the project was last scanned.

This list can be filtered by compliant and non-compliant states to quickly locate problem accounts.

The ellipsis menu next to each project includes the options:

  • View findings. Brings up a list of findings for the selected project. For more information, see What is a Finding?
  • View project details page. Takes you to the project's details page. For more information, see Project Details.

Accounts Tab

The Accounts tab includes information about individual accounts where this check is applied, including the account name, the number of active and suppressed findings, and when the account was last scanned.

The ellipsis menu next to each account includes the options:

  • Cloud access. Use a cloud access role to quickly access the cloud account where a finding occurred. For more information, see What is a Cloud Access Role?
  • View findings. Brings up a list of findings for the selected account. For more information, see What is a Finding?
  • View account details page. Takes you to the account's details page. For more information, see Viewing Accounts.

 

Was this article helpful?
0 out of 0 found this helpful