Skip to main content

CLOUD_COMPLIANCE_V View

This view contains details (such as compliance status, violated resources, reason, recommendation, account info, etc.) about compliance violations identified by Lacework cloud assessments that occurred within the last 90 days.

This view reports details about compliance violations identified by cloud assessments for all the supported and configured cloud provider types: AWS, Azure, and GCP.

EVAL_TYPE specifies the cloud provider type and is equal to the following values:

  • LW_SA - For Amazon Web Services (AWS)
  • LW_GCP_SA - For Google Cloud Platform (GCP)
  • LW_Azure_SA - For Microsoft Azure (Azure)

Each row contains cloud compliance assessment information as listed in the columns.

Column NameData TypeDescription
REPORT_TIMETimestampThe time and date when the compliance assessment was done by Lacework.
EVAL_TYPETextThe cloud provider type as described above.
ACCOUNTVariantThe account information returned by the cloud provider, for example, account id or account alias is returned for AWS. The fields returned are determined by the cloud provider type and reflect the specific cloud provider functionality. The account fields per cloud provider type are listed below this table.
SECTIONTextThe cloud section that is being assessed, for example, Networking, Security, Elastic search, etc.
IDTextThe compliance recommendation id generated by Lacework.
RECOMMENDATIONTextThe recommendations provided by Lacework to resolve the compliance violation.
STATUSTextThe status of the assessment. Supported values include NonCompliant, CouldNotAssess, or Suppressed. Lacework does not list the resources that are compliant.
SEVERITYTextThe severity of the violation identified. Support values include Critical, High, Medium, Low, or Info.
RESOURCETextThe resource name that is causing the compliance violation.
REGIONTextThe geographical region where the resource is located.
REASONTextThe reason for the resource compliance violation.

Account Column Properties per Cloud Provider Type

The fields returned are determined by the cloud provider type and reflect the specific cloud provider functionality.

Cloud ProviderFields Returned
AWSAccountId and Account_Alias
GCPorganizationId, organizationName, projectId, and projectName
AzuresubscriptionId, subscriptionName, tenantId, and tenantName