Viewing Compliance Standards

Follow

Viewing Compliance Standards

To view all compliance standards:

  1. In the left navigation menu, click Compliance > All Compliance Standards.
  2. You will see a list of all the compliance standards you have permission to view.

Page Tools

Use the filters and tools on this page to narrow results and navigate. Options include:

  • Filter content using the dropdown menu(s) or filter icon on the top left.
  • Search by keyword using the magnifying glass icon on the top left.
  • Navigate the pages of results with the arrow buttons on the top right.
  • Click Add New on the top right to add a new object.

Ellipsis Menu

Clicking the ellipsis menu on the right of a standard gives you the option to:

  • Rescan all checks- run all checks in this standard again on demand.
  • View standard details page - view the details page for the standard.
  • View findings - go to the Findings tab for the standard to view all findings.
  • Edit standard - edit the standard.
  • Delete  standard - delete the standard.

You can click on a standard's name to visit its details page.

Compliance Standards

This section displays a list of all the compliance standards that apply to this object.

Standards can be filtered by Compliant and Non-compliant states using the dropdown menu on the top left. Use the arrow buttons on the top right to navigate through the pages of results.

You can also:

  • Click on the standard name to visit the detail page for the standard.
  • Click the findings badges to view the findings.
  • Click the ellipsis menu on the right of a standard to:
    • Rescan all checks - run all checks in this standard again on demand.
    • Edit standard - edit the standard.

The findings badges on this page are color coded to indicate the highest level of severity recorded for the compliance checks with active findings. The colors represent the following:

  • Gray: no findings. All checks are compliant.
  • Maroon: highest severity non-compliant checks are critical severity.
  • Red: highest severity non-compliant checks are high severity.
  • Orange: highest severity non-compliant checks are medium severity.
  • Yellow: highest severity non-compliant checks are low severity.
  • Blue: highest severity non-compliant checks are informational severity.
  • Slate: suppressed findings.

Keep in mind that the color on the findings badge reflects the highest level severity recorded, not the count of findings at that severity level. For example, if you see the following badge, it means there are 62 active findings and at least one of the findings is high severity. It does NOT mean there are 62 findings of high severity.

You can click on the findings badges to see a list of the findings, including their severity information.

Compliance Standard Details: Overview Tab

Click the name of the compliance standard or View standard details page on the ellipsis menu to view its details page, including a tab menu for the standard. A More tab will display when there are more tabs than the screen can accommodate; you can click More to review the remaining menu options.

The Overview tab shows by default, which provides the following information:

Compliance Standard Name and Status

  • The name of the compliance standard is featured at the top of the screen.
  • A status badge will display if applicable. The Inactive badge will display if the compliance standard has no compliance checks applied to it.

Compliance Standard Details

  • Created - date when the standard was added to Kion.
  • Created By - Kion user who created the standard.
  • Description - optional description of the standard.

Activity Feed

The activity feed shows all activity for the compliance standard, including the addition of compliance checks, application to a cloud rule, and editing the compliance standard's info. The user, date, and time are shown for all activities. You can search by keyword using the magnifying glass icon.

Compliance Standard Details: Findings Tab

Click the Findings tab to view the information about the findings involving this standard, including the account ID, the check severity, the compliance check name, the project name, the account name, the individual non-compliant resource, the region, and the date/time of the finding.

Ellipsis Menu

The ellipsis menu on the right of a finding will appear as a floating menu card, so you can use the menu without scrolling through all of the columns. Clicking the ellipsis menu gives you options for:

  • Cloud access - quickly access the cloud account where this finding occurred.
  • Archive - archive the finding.
  • Suppress - suppress the finding.
  • View metadata - view metadata for the finding. The metadata field accepts JSON to allow you to send additional data not captured by Kion. For example, you can include resolution information for the finding as a URL. If this option is not displayed, there is no metadata.

You can click on the check name, project name, or account name to visit the detail pages for those objects.

Compliance Standard Details: Compliance Checks Tab

Click the Compliance Checks tab to view information about the checks that are included in this standard. The section includes the check name, the number of findings (both active and suppressed), and the date/time of the last scan.

Compliance checks created from this screen will automatically be added to this compliance standard.

Ellipsis Menu

Clicking the ellipsis menu on the right of a check gives you the option to:

  • Resume - checks that fail three times due to an error with configuration or Cloud Custodian will be marked Suspended. The Resume menu option will reset the suspended status and resume scanning for this check.
  • Rescan - run the check again on demand.
  • Remove from standard - remove the check from this standard.
  • View check details page - view the details page for this check.

You can click on the check name to visit the detail page for the check.

The findings badges on this page are color coded to indicate the level of severity for the compliance check (which is also shown in the Severity column). The colors represent the following:

  • Gray: no findings. The check is compliant.
  • Maroon: non-compliant check with critical severity.
  • Red: non-compliant check with high severity.
  • Orange: non-compliant check with medium severity.
  • Yellow: non-compliant check with low severity.
  • Blue: non-compliant check with informational severity.
  • Slate: suppressed findings.
  • White (n/a): inactive. The check has not yet been applied to any standards, so it is not scanning for findings.

Since this page reflects findings by compliance check and severity is set at the check level, the numbers on the findings badges reflect the total number of findings at that severity level.

You can click on the findings badges to see a list of the findings.

Compliance Standard Details: Projects Tab

Click the Projects tab to view information about the projects to which this standard is applied, including the project name, the number of active and suppressed findings, and the date/time of the last scan.

Ellipsis Menu

Clicking the ellipsis menu on the right of a project gives you the option to: 

  • View findings - view findings for this project. Results will be limited to findings from the currently selected compliance standard.
  • View project details page - view the details page for this project.

You can click on the project name to view the project's detail page.

Compliance Standard Details: Cloud Rules Tab

Click the Cloud Rules tab to view all cloud rules where the compliance standard is applied.

You can click on a cloud rule's name to view its details page.

Compliance Standard Details: Accounts Tab

Click the Accounts tab to view the accounts where this check is applied, including the account name, account number, the number of active and suppressed findings, and the date/time of the last scan.

Ellipsis Menu

Clicking the ellipsis menu on the right of a standard gives you the option to:

  • Cloud Access - Log into the cloud console (if you have access to do so). Click this menu option, then click on the cloud access role you wish to use. You'll be taken directly to your console for AWS, Azure, or Google Cloud using the cloud access role you selected.

 

Was this article helpful?
0 out of 0 found this helpful