Infrastructure as Code Scan Policies

Infrastructure as Code Scan policies focus on identifying security issues directly within application source code.

The article describes the policies in this category, configuration options, and the impact of policy violations. For an overview of policies and policy management, see the Policies article.

View and manage Infrastructure as Code Scan policies

Open each policy to view the business impact and optional settings.

IaC issue

Purpose: Detects Infrastructure as Code (IaC) issues that indicate misconfigurations or insecure definitions in managed infrastructure.

Business impact: IaC issues can create security gaps that allow unauthorized access or unintended exposure of cloud resources. They can also cause operational instability, service outages, or inefficient resource usage. Failure to address these issues increases risk as cloud environments scale and change.

| Setting | Description | Default |
| --- | --- | --- |
| ON/OFF (toggle) | Enable/disable the policy. | ON |
| Show issues of severity (dropdown) | Limits which severities appear as issues. | All (including Info) |
| Ignore Application Business Priority for severity calculation (checkbox) | When enabled, severity is not adjusted based on application priority. | OFF |

View policy issues

  1. Open the Active Issues page.

  2. Use the Category filter and select the policy category to view related active issues.

  3. Use the Policy filter to narrow the list to a specific policy.

  4. Apply the Category and Policy filters separately or together, depending on how specific you want the results to be.

  5. Use the search box to refine results, such as filtering by file name, keyword, or rule identifier.

Create or save policy profiles

When you change a policy’s severity, ON/OFF toggle or any other setting, you must save the current profile or create a new one.
