Once benchmarks are installed, click the Policy Check name in the list to review the compliance state:
- Policy Overview contains the policy description
- Related Objects shows the list of objects
- Statistic History indicates how your CIS benchmarks are doing over time
Statuses
PASSED - policies that have no violations of compliance checks
...
| Info |
|---|
Policy checks are evaluated against the objects that can be identified as: Compliant meaning the objects that are compliant with compliance policy check Incompliant meaning the objects that are incompliant with the compliance policy check Inapplicable meaning the objects that do not enter the policy check scope |
CloudAware Benchmark Check Lifecycle
A benchmark check is created for every object which enters the policy scope. The status of a benchmark check (‘compliant’, ‘incompliant’ or ‘inapplicable’) corresponds to the status of an input object. Once an input object becomes compliant, the corresponding benchmark check gets the status changed from ‘incompliant’ to ‘compliant’ after CIS Benchmark Policy run. If an object doesn’t enter the policy scope, the benchmark check gets "Close date".