This view contains details (such as compliance status, violated resources, reason, recommendation, account info, etc.) about compliance violations identified by Lacework cloud assessments that occurred within the last 90 days.
This view reports details about compliance violations identified by cloud assessments for all the supported and configured cloud provider types: AWS, Azure, and Google Cloud.
EVAL_TYPE specifies the cloud provider type and is equal to the following values:
- LW_SA - For Amazon Web Services (AWS)
- LW_GCP_SA - For Google Cloud
- LW_Azure_SA - For Microsoft Azure (Azure)
Each row contains cloud compliance assessment information as listed in the columns.
|Column Name||Data Type||Description|
|REPORT_TIME||Timestamp||The time and date when the compliance assessment was done by Lacework.|
|EVAL_TYPE||Text||The cloud provider type as described above.|
|ACCOUNT||Variant||The account information returned by the cloud provider, for example, |
|SECTION||Text||The cloud section that is being assessed, for example, Networking, Security, Elastic search, etc.|
|ID||Text||The compliance recommendation id generated by Lacework.|
|RECOMMENDATION||Text||The recommendations provided by Lacework to resolve the compliance violation.|
|STATUS||Text||The status of the assessment. Supported values include NonCompliant, CouldNotAssess, or Suppressed. Lacework does not list the resources that are compliant.|
|SEVERITY||Text||The severity of the violation identified. Support values include Critical, High, Medium, Low, or Info.|
|RESOURCE||Text||The resource name that is causing the compliance violation.|
|REGION||Text||The geographical region where the resource is located.|
|REASON||Text||The reason for the resource compliance violation.|
Account Column Properties per Cloud Provider Type
The fields returned are determined by the cloud provider type and reflect the specific cloud provider functionality.
|Cloud Provider||Fields Returned|
|AWS||AccountId and Account_Alias|
|Google Cloud||organizationId, organizationName, projectId, and projectName|
|Azure||subscriptionId, subscriptionName, tenantId, and tenantName|