Rule Configuration
Dashboard > Select {Account} > Rules settings > Update rules settings > Configure
Trend Micro Cloud One™ – Conformity offers rule configuration so that users can adjust the behaviour of rules to meet their organisation’s needs, for example which rules should not be run and what severity each rule carries. Some rules must be configured before they will run, while others utilise defaults.
Examples of rules that need to be configured before they will run include EC2 Desired Instance Type, Approved/Golden AMIs, Security Group Naming Conventions, etc. Once you configure a rule on an account, you can copy the same rule settings to other accounts for which you have administrative privileges or full access.
You can disable a rule if required by unchecking Rule enabled. On disabling a rule, all violations will be removed and no more checks will be performed until the rule is re-enabled.
Every rule has a default risk level associated with it, which can be modified by selecting one of the following options from the Rule severity drop-down:
Time to live (TTL) configuration allows you to specify the length of time a Check will be displayed on the All Checks Report. The configuration is only available for certain Rules that are specific to Real-Time Threat Monitoring.
For example:
Note: TTL is designed to prevent Conformity’s notifications service from sending too many notifications for the same Check in a short period of time. After the first notification is sent for a Check, subsequent Checks that are identical to the one already sent are discarded during the TTL period. Once the period expires, the Check is eligible to be notified again.
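A minimal model of the suppression behaviour described in the note above, added here as an illustration and not Conformity's own code. It assumes a Check is identified by its rule ID and resource, that the TTL is given in hours, and that the window starts at the notification that was sent; all rule IDs, resource names and timestamps are constructed.

```python
from datetime import datetime, timedelta

def notifications(events, ttl_hours):
    """Return the events that would produce a notification.

    events: (timestamp, rule_id, resource) tuples, sorted by timestamp.
    Check identity is modelled as (rule_id, resource) -- an assumption.
    """
    ttl = timedelta(hours=ttl_hours)
    last_sent = {}  # check identity -> time the last notification was sent
    sent = []
    for ts, rule_id, resource in events:
        key = (rule_id, resource)
        previous = last_sent.get(key)
        if previous is not None and ts - previous < ttl:
            # Identical Check inside the TTL period: discarded. The window
            # is anchored to the notification sent, so discarded events do
            # not extend it.
            continue
        last_sent[key] = ts
        sent.append((ts, rule_id, resource))
    return sent

# Constructed sample stream (placeholder rule ID and resource names).
T0 = datetime(2024, 1, 1, 0, 0)
SAMPLE_EVENTS = [
    (T0,                                  "RULE-A", "resource-1"),  # notified
    (T0 + timedelta(hours=1),             "RULE-A", "resource-1"),  # discarded
    (T0 + timedelta(hours=2),             "RULE-A", "resource-2"),  # notified
    (T0 + timedelta(hours=3, minutes=59), "RULE-A", "resource-1"),  # discarded
    (T0 + timedelta(hours=4),             "RULE-A", "resource-1"),  # notified
    (T0 + timedelta(hours=5),             "RULE-A", "resource-1"),  # discarded
]

if __name__ == "__main__":
    for ts, rule_id, resource in notifications(SAMPLE_EVENTS, ttl_hours=4):
        print(ts.isoformat(), rule_id, resource)
```

With a long TTL, repeated activity on the same resource produces a single notification per period, so the TTL chosen for a rule determines how quickly a recurrence becomes visible.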
Rule exceptions can be configured so that the rule bypasses AWS resources which match the exception input provided. Exceptions can be configured in two ways:
Note: Only resource level rules have Exception configuration. Service level rules such as ‘Root Account Usage’ will not have this configuration in their rule settings.
You can change rule configurations and apply the same configurations to other or all accounts in the organization.
Note: