Use this article to define the criteria for a custom Compliance Engine policy request.

Request workflows

Policy create request workflow:

...

  1. Customer opens a new service request and links to the original Policy create request.

  2. Customer provides updates to the original request and outlines the required changes.

  3. Workflow continues from section 3 of the Policy create workflow.

Policy Details - Expected Outcome

The expected outcome should include evaluation criteria, along with:

...

Description: Ensure that the contents of your AWS S3 buckets cannot be publicly listed, in order to protect against unauthorized access. An S3 bucket that grants READ (LIST) access to everyone can allow anonymous users to list the objects within the bucket.

Tags: S3, AWS, Security

Policy Logic and Evaluation Criteria


The expected outcome should include all the objects and the conditions against which they should be evaluated.

...

The group will be INCOMPLIANT if the bucket name LIKE '%test%' AND (NOT Name LIKE '%public%') AND AWS Account is not equal to '987654322345'
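The example condition above, written out as an added sketch that is not part of the original article or CloudAware's own code. It evaluates each clause separately over constructed sample objects; the field names `name` and `account_id` and the case-insensitive LIKE matching are assumptions.

```python
import re

EXEMPT_ACCOUNT = "987654322345"  # account ID taken from the example condition


def like(value, pattern):
    """SQL-style LIKE: % is any run of characters, _ is exactly one.
    Case-insensitive matching is an assumption; the page does not say."""
    regex = "".join(
        ".*" if ch == "%" else "." if ch == "_" else re.escape(ch)
        for ch in pattern
    )
    return re.fullmatch(regex, value, re.IGNORECASE | re.DOTALL) is not None


def clauses(bucket):
    """Evaluate each clause separately so a violation message can name
    the fields that caused it. Field names here are hypothetical."""
    return {
        "name_like_test": like(bucket["name"], "%test%"),
        "name_not_like_public": not like(bucket["name"], "%public%"),
        # Account IDs are compared as strings: they are 12-digit
        # identifiers and can start with a zero.
        "account_not_exempt": bucket["account_id"] != EXEMPT_ACCOUNT,
    }


def is_incompliant(bucket):
    return all(clauses(bucket).values())


# Constructed test objects: two that violate (one with mixed case), plus
# one per clause that should keep the object out of the violation list.
SAMPLES = [
    {"name": "app-test-logs", "account_id": "111111111111"},
    {"name": "App-TEST-Logs", "account_id": "111111111111"},
    {"name": "test-public-assets", "account_id": "111111111111"},
    {"name": "prod-logs", "account_id": "111111111111"},
    {"name": "app-test-logs", "account_id": EXEMPT_ACCOUNT},
]

if __name__ == "__main__":
    for b in SAMPLES:
        status = "INCOMPLIANT" if is_incompliant(b) else "not flagged"
        print(f'{b["name"]:<20} {b["account_id"]}  {status}')
```

Stating in the request whether name matching is case-sensitive removes the ambiguity that the second sample object exposes.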

Violation Details

Provide details on how to convert input objects into a human-readable violation. Comment on what pattern to use, how to combine fields from objects, what additional fields and objects to update when a violation occurs, etc.

...

4. Instructions for other fields in a similar format, if needed.

Set of Test Objects

Create objects in a test environment connected to CloudAware that satisfy the following requirements:

...

The environment should remain static during the whole policy create/update workflow.


SLA and Support

All custom policy requests are handled by the policy development team. 

...