CLOUD_COMPLIANCE_V View
This view contains details (such as compliance status, violated resources, reason, recommendation, account info, etc.) about compliance violations identified by Lacework cloud assessments that occurred within the last 90 days.
This view reports details about compliance violations identified by cloud assessments for all the supported and configured cloud provider types: AWS, Azure, and GCP.
EVAL_TYPE specifies the cloud provider type and is equal to the following values:
- LW_SA - For Amazon Web Services (AWS)
- LW_GCP_SA - For Google Cloud Platform (GCP)
- LW_Azure_SA - For Microsoft Azure (Azure)
Each row contains cloud compliance assessment information as listed in the columns.
Column Name | Data Type | Description |
---|---|---|
REPORT_TIME | Timestamp | The time and date when the compliance assessment was done by Lacework. |
EVAL_TYPE | Text | The cloud provider type as described above. |
ACCOUNT | Variant | The account information returned by the cloud provider, for example, account id or account alias is returned for AWS. The fields returned are determined by the cloud provider type and reflect the specific cloud provider functionality. The account fields per cloud provider type are listed below this table. |
SECTION | Text | The cloud section that is being assessed, for example, Networking, Security, Elastic search, etc. |
ID | Text | The compliance recommendation id generated by Lacework. |
RECOMMENDATION | Text | The recommendations provided by Lacework to resolve the compliance violation. |
STATUS | Text | The status of the assessment. Supported values include NonCompliant, CouldNotAssess, or Suppressed. Lacework does not list the resources that are compliant. |
SEVERITY | Text | The severity of the violation identified. Support values include Critical, High, Medium, Low, or Info. |
RESOURCE | Text | The resource name that is causing the compliance violation. |
REGION | Text | The geographical region where the resource is located. |
REASON | Text | The reason for the resource compliance violation. |
Account Column Properties per Cloud Provider Type
The fields returned are determined by the cloud provider type and reflect the specific cloud provider functionality.
Cloud Provider | Fields Returned |
---|---|
AWS | AccountId and Account_Alias |
GCP | organizationId, organizationName, projectId, and projectName |
Azure | subscriptionId, subscriptionName, tenantId, and tenantName |