Create User-Defined Controls
You can create a customized control using QFlows created in the Qualys Flow module.
Pre-requisites?
To create a customized control using QFlows, you need the Manage Custom Control permissions in TotalCloud and Read permissions in Qualys Flow.
If the Manage Custom Control permission is not enabled, the Create Control button is unavailable.
For details on permissions, refer to Manage Custom Control Permissions.
Create Your Customized Control using QFlow
You can create your own customized control and associate the required controls to be evaluated for the custom policy.
Note: Currently, you can create customized controls for Amazon Web Services (AWS) and Microsoft Azure.
1) Navigate to Policy > Controls > Preferred Cloud Provider(AWS/Azure).
2) Click Create Control > Run Time.
3) Provide the basic details for the control such as Name, Description, select the Criticality and cloud Provider, and click Next.
4) Click icon to include QFlow that is created in Qualys Flow app.
If you do not have Read Permissions to Qualys Flow module, the icon is not available. For details on permissions, refer to Manage Custom Control Permissions.
For more information on the Qualys Flow application, refer to Qualys Flow Getting Started Guide.
5) Select the QFlow from the list and click Add to control.
For the QFlow to be displayed in the list, in the Qualys Flow application, the TotalCloud node should be added while creating the QFlow and the QFlow should be deployed (enabled).
6) The QFlow is added in the control, click Next.
7) Fill in the additional details for your reference, like the objective of adding this control in Rationale, remediation steps if you want to suggest in Remediation, References and click Next.
8) Review the details of your control and click Create Control.
That’s it. Your customized control is ready to use.
Associate the control to a user-defined policy to be evaluated for the custom policy. For details on creating a custom policy, refer to Build Your Policy.