Skip to main content

Modify IaC Security Policies

Click Policies on the left panel of the IaC Security Console to view the Policies page that displays the complete list of policies in the system.

You can search based on any term (such as “TLS”) to filter and list only specific policies.

ParameterDescription
TitleDisplays a summary of the policy. Click the title to view the policy's details.
SeverityDisplays whether the severity is:

Critical
High
Medium
Low
Info

Click the dropdown to change the severity.
ComplianceDisplays CIS or HIPAA.
EnabledUse the toggle to enable or disable the policy.
ActionsClick the actions icon to perform one of the following actions:

View - Displays the details window.
Show Violations - Displays the Violations page.
Copy link to policy - Copies the policy link to the clipboard.

Modify IaC Security Policies

You can modify policies in the details menu.

The detailed view appears when you click a policy's title or click the Actions icon and select View.

It displays:

  • Guidelines - Click this tab to view a description of the violation, rationale, audit, and remediation.
  • Activity - Whenever you make a configuration change (such as disable the policy or change the severity) this page displays a log of the action(s).
  • Config - Click this tab to view the following information:
    • SID - Displays the system ID.
    • Enabled - Use this toggle to enable or disable the policy.
    • Severity​ - Use the dropdown to change the severity. The severities are Critical, High, Medium, Low, and Info.
    • Provider - Displays the provider type such as AWS or Kubernetes.
    • Category - Displays the policy category such as Network or Storage Security.
    • Check Type - Displays the code repository type to check such as Terraform, CloudFormation, and Kubernetes (see Language Support for details).
    • Last Update - Displays the date and time when the software was last updated.
    • Compliance - Displays the compliance type: CIS or HIPAA.

Suppress a Policy for the Organization

To suppress a policy for the entire organization:

  1. Click Policies on the left panel of the IaC Security Console to view the Policies page.
  2. Click a policy to display the detailed view.
  3. Click the Config tab and toggle the Enabled button to off.

IaC Policy Config