When a rule is run against the infrastructure (resources) associated with your AWS account, the result of the scan is referred to as a Check. For example, an EC2 Security Group may have 50 Cloud Conformity Rules (Checks) scanning for various risks / vulnerabilities.
To view Checks associated with an account, click Browse all checks on the summary section of the Cloud Conformity Dashboard.
Each Check has the following information associated with it:
You can take the following actions on a Check:
Every Rule has an implementation associated with it, which will then determine if a Check against the Rule is successful or not. For example, if you have an S3 bucket with public read permissions enabled, the “S3 Bucket Public ‘READ’ Access”’ Rule will be applied towards all S3 buckets in your AWS account. If any S3 bucket has Public Read enabled, then the Check for that S3 bucket is a failure.
Rules that are informational will not have a status attached to it. Instead, the status would be marked as Not Scored