website logo
HomeTwitterLinkedInLogin ➡️
⌘K
Overview
Getting started
Connect an Account
AWS Account
Azure Subscription
GCP Project
Managing Accounts
Reverse Terraform
Asset Explorer/Reverse Terraform
Diff
Diff Email
Snapshot Diff
Ignored properties
Environment Explorer
Compliance
GraphQL API
IaC Catalog
Overview
Configuration
Past PRs of IaC generators
Generator Credentials
CI/CD Configuration
Management
Security
Feedback/Contact
Docs powered by archbee 
17min

Compliance at a glance

Cloud Compliance at AutoCloud is the place for seeing the big picture of your compliance posture.

Compliance Dashboard

Click "Compliance" in the left-hand panel, and view Compliance benchmarks for each Visual Service Discovery. Note that if the cards are empty, first you need to connect your environment, and come back to Compliance after the first crawl.

Document image

Customize the view

These cards are per VSD, and can be customized with your favorite compliance check summaries. Click on the right corner of the card to access customization:

Document image

You can choose up to 4 compliance check summaries. Once you are ready click "Save".

Document image

Visualizing Compliance

Click on any "check summary" to access the detailed view of the Benchmark of the Visual Service Discovery. This view has graphs at the top and the rules at the bottom. You may change the date in the top right corner to access the Compliance dashboard for each version of your VSD.

Document image

Resource Status

Resource Status summarizes how many resources were assessed, and how many have passed and failed the checks. In this example, 19 out of 28 resources failed the controls.

Document image

Control Status

Control Status summarizes how many checks were assessed, and how many passed and failed. In this example, 64% of the checks passed the control.

Document image

Resource Failure Severity

All checks have been classified with a Severity level. In this example, 37 rules have a "High" severity, 62 rules are "Medium" and only 1 is "Low".

Document image

Resource Failure by Section

Most benchmarks classify the rules under sections or categories. In this example, CIS 1.2 has 7 different sections. You can view each section and understand how many passed and failed.

Document image

The rules table

All of the rules are classified under a section and have the following attributes:

  • Status (Passed or Failed)
  • Assessed (number of resources assessed)
  • Pass (number of resources that passed and percentage)
  • Fail (number of resources that failed and percentage)
  • Severity (High, Medium or Low)
Document image

Findings, Information and Remediation

Clicking any rule will open a side panel with Findings, Information and Remediation.

In this example, the rule "GCP CIS 3.7 Ensure that RDP access is restricted from the internet" checked against 7 different resources, and only 1 didn't pass the control.

Document image

Click "Information" to know more about this rule, as well as getting references from the CSP.

Document image

Click "Remediation" to know the steps you would need to take to fix this and pass the check.

Document image

Compliance in your Service Discoveries

You may also access the Compliance Dashboard and view one particular benchmark in the account of your choice:

Document image

In this case, I've selected PCI:

Document image







Updated 31 Jan 2023
Did this page help you?
Yes
No
UP NEXT
Create an endpoint for GraphQL API
Docs powered by archbee 
TABLE OF CONTENTS
Compliance Dashboard
Customize the view
Visualizing Compliance
Resource Status
Control Status
Resource Failure Severity
Resource Failure by Section
The rules table
Findings, Information and Remediation
Compliance in your Service Discoveries