Skip to main content

Manage Compliance Policy Exceptions in the Lacework Console

View Exceptions for a Policy

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of all exceptions for this policy appears.

    Policies exceptions tab

  3. Examine the exception parameters, such as: Account Ids, Bucket Name, Resource Tags, and optionally Comments, for the exception.

View Exceptions in the Cloud Compliance Dashboard

Exceptions can also be viewed on the Cloud Compliance Dashboard when grouped by Policy.

See View and Add Exceptions on a Policy for guidance.

Edit an Exception for a Policy

note

Once an exception is edited, the edit will not take effect until the next compliance assessment run is complete.

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of exceptions appears for this policy.

  3. Click the Edit icon next to an existing exception configured for the policy to modify.

    Policies exceptions tab edit exception

  4. Modify any of the parameters and values for this exception.

  5. Click Add Exception / Save to save the changes to this exception.

Delete an Exception from a Policy

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of exceptions appears for this policy.

  3. Click the Delete icon Delete icon next to the specific exception.

  4. Click Yes when prompted to delete the exception.

Other Actions

Search for Exceptions on a Policy

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of exceptions appears for this policy.

  3. Click the Search icon next to the specific exception.

  4. Enter a search string. Search results containing this search string appear.

    Policies exception tab search function

Refresh the List of Exceptions on a Policy

Additionally, you can refresh the list of exceptions under a specific policy in the Exceptions tab.

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of exceptions appears for this policy.

  3. Click the Refresh icon next to Add Exceptions.

Download the List of Exceptions on a Policy

You can download the list of exceptions configured for a policy as a CSV file.

  1. Log in to the Lacework Console and go to Policies.

  2. Click a specific compliance policy and click the Exceptions tab. A list of exceptions appears for this policy.

  3. Click the Download icon next to Add Exceptions.

If there are more than ten exceptions under a compliance policy, use the Next Page icon to view more exceptions.