Skip to content

Latest commit

 

History

History
20 lines (18 loc) · 3 KB

Filtering.md

File metadata and controls

20 lines (18 loc) · 3 KB

Filtering

Not complete set of options. (To be completed!)

Name Values
filter.services An array of AWS service strings from the following:
AutoScaling | CloudConformity | CloudFormation | CloudFront | CloudTrail | CloudWatch |
CloudWatchEvents | CloudWatchLogs | Config | DynamoDB | EBS | EC2 | ElastiCache |
Elasticsearch | ELB | IAM | KMS | RDS | Redshift | ResourceGroup | Route53 | S3 | SES | SNS | SQS | VPC | WAF | ACM | Inspector | TrustedAdvisor | Shield | EMR | Lambda | Support | Organizations | Kinesis | EFS

For more information about services, please refer to Cloud Conformity Services Endpoint
filter.resourceTypes An array of resource types. e.g. ["kms-key", "ec2-instance"]

For more information about services, please refer to Cloud Conformity ResourceTypes Endpoint
filter.regions An array of valid AWS region strings. (e.g. ["us-west-1", "us-west-2"])
For more information about regions, please refer to Cloud Conformity Region Endpoint
filter.ruleIds An array of rule ids. e.g. ["EC2-001", "S3-001"]

For more information about services, please refer to Cloud Conformity Services Endpoint
filter.tags An array of any assigned metadata tags to your AWS resources
filter.text Filter by resource Id, rule title or message. A string. e.g "john", "s3" or "write"
filter.createdLessThanDays Only show checks created less than X days ago. Number. e.g. 5.
filter.categories An array of category (AWS well-architected framework category) strings from the following:
security | cost-optimisation | reliability | performance-efficiency | operational-excellence
filter.riskLevels Risk level. Possible values: ["EXTREME" | "VERY_HIGH" | "HIGH" | "MEDIUM" | "LOW"]
filter.complianceStandards Compliance and standards. Possible values: ["AWAF" | "CISAWSF" | "CISAWSTTW" | "PCI" | "HIPAA" | "GDPR" | "APRA" | "NIST4"]
filter.statuses The status of the check. Valid values: ["SUCCESS" | "FAILURE"]
filter.suppressedFilterMode Whether to use the "v1" or "v2" suppressed functionality. "v1": Using suppressed=true will return both suppressed and unsuppressed checks, suppressed=false will just return unsuppressed checks. "v2": Using suppressed=true return will just return suppressed checks, suppressed=false will just return unsuppressed checks, and omitting the filter will return both. Defaults to "v1". Valid values: [ "v1" | "v2" ]
filter.suppressed Show Suppressed rules. A boolean. Will default to true for "v1", and omitted for "v2". Valid values: [true |false]
filter.providers Cloud providers. Possible values: ["aws" | "azure"]