website logo
HomeTwitterLinkedInLogin ➡️
⌘K
Overview
Getting started
Connect an Account
AWS Account
Azure Subscription
GCP Project
Managing Accounts
Reverse Terraform
Asset Explorer/Reverse Terraform
Environment Change Diff
Diff Email
Snapshot Diff
Ignored properties
Environment Explorer
Billing and cost
Getting billing data from GCP
Compliance
GraphQL API
IaC Catalog
Overview
Getting Started with Terraform Blueprints
Configuration
Producer Flow
Consumer Flow
CI/CD Configuration
Management
Security
Terraform State File Integrations
Integration
Asset Inventory
Feedback/Contact
Docs powered by archbee 

Compliance at a glance

14min

Cloud Compliance at AutoCloud is the place for seeing the big picture of your compliance posture.

Compliance Dashboard

Click "Compliance" in the left-hand panel, and view Compliance benchmarks for each Visual Service Discovery. Note that if the cards are empty, first you need to connect your environment, and come back to Compliance after the first crawl.

Document image


Customize the view

These cards are per VSD, and can be customized with your favorite compliance check summaries. Click on the right corner of the card to access customization:

Document image


You can choose up to 4 compliance check summaries. Once you are ready click "Save".

Document image


Visualizing Compliance

Click on any "check summary" to access the detailed view of the Benchmark of the Visual Service Discovery. This view has graphs at the top and the rules at the bottom. You may change the date in the top right corner to access the Compliance dashboard for each version of your VSD.

Document image


Resource Status

Resource Status summarizes how many resources were assessed, and how many have passed and failed the checks. In this example, 19 out of 28 resources failed the controls.

Document image


Control Status

Control Status summarizes how many checks were assessed, and how many passed and failed. In this example, 64% of the checks passed the control.

Document image


Resource Failure Severity

All checks have been classified with a Severity level. In this example, 37 rules have a "High" severity, 62 rules are "Medium" and only 1 is "Low".

Document image


Resource Failure by Section

Most benchmarks classify the rules under sections or categories. In this example, CIS 1.2 has 7 different sections. You can view each section and understand how many passed and failed.

Document image


The rules table

All of the rules are classified under a section and have the following attributes:

  • Status (Passed or Failed)
  • Assessed (number of resources assessed)
  • Pass (number of resources that passed and percentage)
  • Fail (number of resources that failed and percentage)
  • Severity (High, Medium or Low)
Document image


Findings, Information and Remediation

Clicking any rule will open a side panel with Findings, Information and Remediation.

In this example, the rule "GCP CIS 3.7 Ensure that RDP access is restricted from the internet" checked against 7 different resources, and only 1 didn't pass the control.

Document image


Click "Information" to know more about this rule, as well as getting references from the CSP.

Document image


Click "Remediation" to know the steps you would need to take to fix this and pass the check.

Document image


Compliance in your Service Discoveries

You may also access the Compliance Dashboard and view one particular benchmark in the account of your choice:

Document image


In this case, I've selected PCI:

Document image








Updated 03 Mar 2023
Did this page help you?
Yes
No
PREVIOUS
Getting billing data from GCP
NEXT
Create an endpoint for GraphQL API
Docs powered by archbee 
TABLE OF CONTENTS
Compliance Dashboard
Customize the view
Visualizing Compliance
Resource Status
Control Status
Resource Failure Severity
Resource Failure by Section
The rules table
Findings, Information and Remediation
Compliance in your Service Discoveries