When you have sensitive data in the cloud or use the public cloud heavily, it is essential to establish norms for configuring cloud resources. Failure to set up and follow these norms can prove costly for the business. Cloud Configuration Governance (CCG) helps set policies for cloud resources, validate these policies, identify the violators, and run remediation to fix invalid configurations. For instance, you can turn on encryption for object storage or prevent misuse, turn off VMs with wide network access settings, create any number of rules, and also set up configurations to run scans on a specific or a generic set of cloud resources. Remediations are available out of the box, and more remediations can be built using Automation Engine. Use CCG to get your cloud resource costs, security, and availability under control for building a better cloud-integrated business.
Note: All base system (out-of-box) content for CCG are available as part of the new CCG Content Pack - available in the store. Ensure to install CCG Content Pack after installing the CCG app.
- Low-code editor for setting up policies
- Support for policy versions
- Ability to integrate scripts and IH flows for policies
- Link resources obtained during scan with the corresponding configuration item in the CMDB
- Build elaborate configuration scans for various regions and even for specific object sets
- View configuration adherence levels in the base-system PA dashboards
- Set up severity for violations and issue type
- Run remediations for violations, with approvals if needed
- Use the record producer to create custom remediations with additional inputs
- Run remediations on a large set of violations
- Build and associate more remediations with Cloud Action Library flows
- Fixed
- Applied security and policy updates
Required plugins and products
- ITOM Visibility
Dependencies
- Cloud Actions Library