Compliance Standard Details
Compliance standards are particularly useful for aligning with established security frameworks. For example, you could have a NIST compliance standard containing all of the compliance checks required for meeting NIST guidelines.
Viewing the details page for a compliance standard gives you a view of your compliance posture relating to each standard you have created. When building standards off of specific compliance frameworks (like NIST), this view makes it easy to quickly see if you are meeting the framework's requirements.
To view compliance standard details:
- Navigate to Compliance > All Compliance Standards.
- Click the compliance standard you would like to view.
This is an overview of this compliance standard. Here you can see the standard's creation details, findings, and activity.
An Inactive badge shows if the standard has no compliance checks applied to it. Compliance standards don't do anything if they don't contain compliance checks. For information about adding checks to a standard, see Managing Compliance Standards.
The compliance standard summary shows active findings by severity and the checks that triggered them. You can also see which projects and accounts have active findings.
The activity feed lists events involving the compliance standard, including adding or removing compliance checks, application to a cloud rule, and editing the standard's info. The user, date, and time are shown for all activities.
The Findings tab provides a list of findings for the standard across all resources. Select the tabs at the top to switch between active, suppressed, and archived findings. For more information, see What is a Finding?
Hovering over a finding reveals an ellipsis menu with the options:
- Cloud access. Use a cloud access role to quickly access the cloud account where this finding occurred. For more information, see What is a Cloud Access Role?
- Archive. Archive the finding. Archived findings are marked as remediated.
- Suppress. Suppress the finding. Suppressed findings are excluded from future scans. For example, you might suppress a finding for a public S3 bucket if it should be public, because it contains data that is designed for public consumption.
- View metadata. View metadata for the finding. Metadata is information that is not typically captured by Kion. If this option is not displayed, there is no metadata. For information about including metadata in your policies, see Writing Cloud Custodian Compliance Policies.
Compliance Checks Tab
The Compliance Checks tab shows information about the checks that are included in this standard.
Click Add to create a new compliance check and automatically add it to this standard or to add an existing check to this standard.
If this standard has any suspended checks, you can click Resume Suspended Checks to start running them again. This option only shows if there are suspended checks.
The ellipsis menu next to each check includes the options:
- Rescan. Immediately runs the check again.
- View findings. Brings up a list of findings for the selected check. For more information, see What is a Finding?
- Remove from standard. Removes the check from this standard.
- View check details page. Takes you to the check's details page. For more information, see Compliance Check Details.
The Projects tab includes information about projects where this standard is applied, including the project name, the number of active and suppressed findings, and when the project was last scanned.
This list can be filtered by compliant and non-compliant states to quickly locate problem accounts.
The ellipsis menu next to each project includes the options:
- View findings. Brings up a list of findings for the selected project. For more information, see What is a Finding?
- View project details page. Takes you to the project's details page. For more information, see Project Details.
Cloud Rules Tab
The Cloud Rules tab shows all cloud rules where the compliance standard is applied.
Compliance standards are applied to resources by cloud rules. If there are no cloud rules in this list, this standard is not being applied to any resources. For more information, see What is a Cloud Rule?
The Accounts tab includes information about individual accounts where this standard is applied, including the account name, the number of active and suppressed findings, and when the account was last scanned.
The ellipsis menu next to each account includes the options:
- Cloud access. Use a cloud access role to quickly access the cloud account where a finding occurred. For more information, see What is a Cloud Access Role?
- View findings. Brings up a list of findings for the selected account. For more information, see What is a Finding?
- View account details page. Takes you to the account's details page. For more information, see Viewing Accounts.