Click Policies on the left panel of the IaC Security Console to view the policies page, which displays the complete list of policies in the system.
You can search based on any term (such as “TLS”) to filter and list only specific policies.
|Title||Displays a summary of the policy. Click this to view a Details page.|
|Severity||Displays whether the severity is: |
Click the dropdown to change the severity.
|Compliance||Displays CIS or HIPAA.|
|Enabled||Use the toggle to enable or disable the policy.|
|Actions||Click the actions icon to perform one of the following actions: |
View - Displays the details window.
Show Violations - Displays the Violations page.
Copy link to policy - Copies the policy link to the clipboard.
Modify IaC Security Policies
You can modify policies in the details menu.
The detailed view appears when you click the title or click the Actions icon and select View.
- Guidelines - Click this tab to view a description of the violation, rationale, audit, and remediation.
- Activity - Whenever you make a configuration change (such as disable the policy or change the severity) this page displays the action.
- Config - Click this tab to view the following information:
- SID - Displays the system ID.
- Enabled - Use this toggle to enable or disable the policy.
- Severity - Use the dropdown to change the severity. The severities are Critical, High, Medium, Low, and Info.
- Provider - Displays the provider type such as AWS or Kubernetes. Kubernetes
- Category - Displays the policy category such as Network or Storage Security.
- Check Type - Displays the code repository type to check such as Terraform, CloudFormation, CDK, or Kubernetes.
- Last Update - Displays the date and time when the software was last updated.
- Compliance - Displays the compliance type: CIS or HIPAA.
Suppress a Policy for the Whole Organization
To suppress a policy for the entire organization:
- Click Policies on the left panel of the IaC Security Console to view the policies page.
- Click a policy to display the detailed view.
- Click the Config tab and toggle the Enabled button to off.