Searching for Controls (Policy Tab)
Use the search tokens below to search for control evaluations (click any control name on the Policy > Controls tab). Looking for help with writing your query? click here
Use a text value ##### to find policies or controls created by a user of interest.
Example
Show policies or controls created by the specified user
createdBy: user_john
Use a text value ##### to find policies or controls modified by a user of interest.
Example
Show policies or controls modified by the specified user
modifiedBy: user_john
Use a date range or specific date to define when the resource was created.
Example
Show resources created within certain dates
createdDate: [2018-01-01 ... 2018-03-01]
Show resources created from starting 2018-01-01, ending 1 month ago
createdDate: [2018-01-01 ... now-1m]
Show resources created starting 2 weeks ago, ending 1 second ago
createdDate: [now-2w ... now-1s]
Show resources created on specific date
createdDate: [2018-01-08]
Use a date range or specific date to define when the resource was modified.
Example
Show resources modified within certain dates
modifiedDate: [2018-01-01 ... 2018-03-01]
Show resources modified from starting 2018-01-01, ending 1 month ago
modifiedDate: [2018-01-01 ... now-1m]
Show resources modified starting 2 weeks ago, ending 1 second ago
modifiedDate: [now-2w ... now-1s]
Show resources modified on specific date
modifiedDate: [2018-01-08]
Use a text value ##### to show controls based on the unique control ID associated with the control at the time of creation.
Example
Show controls with this ID
policyType: 205767712438
Use the values true | false to find controls that are customizable or not.
Example
Show controls that are customizable
isCustomizable: true
Search the policy by providing a unique id to identify any policy.
Example
Show the policy that belong to specified unique ID
policy.uuid: uuid:80313390-aa04-11e9-9596-45e2d51410b1
Search the system defined control using which all the user defined controls are created. The result always diplays system defined control.
Example
Show the control that belong to specified unique ID
rootParentCid: 12
Search the controls that are created from the specified parent control Id.
Show the policy that created from the specified control ID
parentCid: 12
Use a text value ##### to show controls based on the unique control ID associated with the control at the time of creation.
Example
Show controls with this ID
cid: 205767712438
Search for list of policy based on the policy type. Select the policy type from the drop-down: User Defined or System Defined.
Example
Show policy that are User Defined
policyType: User Defined
Use quotes within values to find a CIS or AWS policy by name.
Examples
Show findings with this name
policy.name: CIS Amazon Web Services Foundations Benchmark
Show any findings that contain parts of name
policy.name: "CIS Amazon Web Services Foundations Benchmark"
policy.executionTypepolicy.executionType
Select the policy by the execution type (Build Time, Run Time).
Examples
Show policies created with controls used for resource evaluation.
policy.executionType: Run Time
Show policies created with controls used for IaC file evaluation.
policy.executionType: Build Time
Use quotes within values to find a CIS or AWS policy by name.
Examples
Show findings with this name
policy.name: CIS Amazon Web Services Foundations Benchmark
Show any findings that contain parts of name
policy.name: "CIS Amazon Web Services Foundations Benchmark"
control.criticalitycontrol.criticality
Select the control criticality (HIGH, MEDIUM, LOW) you're interested in.
Example
Show controls with High criticality
control.criticality: HIGH
control.descriptioncontrol.description
Use quotes within values to help you find controls with a certain description.
Examples
Show controls with this description
control.description: my-description
Show controls that contain parts of description
control.description: "my-description"
Use quotes within values to help you find controls with a certain name.
Examples
Show findings with this name
control.name: Avoid the use of the root account
Show any findings that contain parts of name
control.name: "Avoid the use of the root account"
Select the control result you're interested in: PASS or FAIL.
Examples
Show controls that passed
control.result: PASS
Show controls that failed
control.result: FAIL
Search for list of controls based on the control type. Select the control type from the drop-down: User Defined or System Defined.
Example
Show control that are User Defined
control.type: User Defined
control.executionTypecontrol.executionType
Select the controls by the execution type (Build Time, Run Time).
Examples
Show controls used for resource evaluation.
control.executionType: Run Time
Show controls used for IaC file evaluation.
control.executionType: Build Time
Select the name of the cloud service provider you're interested in. Select from names in the drop-down menu.
Example
Find resources synced from Amazon AWS
provider: AWS
Select the name of the region you're interested in. Select from names in the drop-down menu.
Example
Find resources in the Singapore region
region: Singapore
Use a text value ##### to show resources based on the unique ID.
Example
Show findings with resource ID
resource.id: 2012438
Select the type of resource you're interested in. Select from names in the drop-down menu.
Example
Show resources of type Instance
resource.type: Instance
Select the type of service you're interested in. Select from names in the drop-down menu.
Example
Show service type VPC
service.type: VPC
Use true to view the controls for which remediation is enabled.
Example
Show controls that are remediable
isRemediable: TRUE
controlObjective.sectioncontrolObjective.section
Use the name of controlObjective section to view all the controls that belong to the specified section name.
Examples
Show all the controls that belong to the SC-7 control objective section
controlObjective.section: SC-7
Use the name of mandate policy to view controls that belong to the specified mandate policy.
Examples
Show all the controls that belong to the Cloud Controls Matrix (CCM) mandate policy
mandate.name: Cloud Controls Matrix (CCM)
mandate.publishermandate.publisher
Use the name of the mandate publisher to view controls that belong to the specified mandate policy.
Examples
Show all the controls that belong to the Cloud Security Alliance (CSA) mandate publisher
mandate.publisher: Cloud Security Alliance
requirement.sectionrequirement.section
Use the name of requirement section to view all the controls that belong to the specified requirement section.
Examples
Show all the controls that belong to the AIS requirement section
requirement.section: AIS
Use a text value ##### to show controls created from QFlow with specified QFlow id.
Examples
Show controls with specific qflow id
qflow.id: 80313390-aa04-11e9-9596-45e2d51410b1
Use values within quotes or back-ticks to find controls created from QFlow with the specified name.
Examples
Show controls that are created from QFlow with a name that partially matches the specified QFlow name.
qflow.name: "Publicly accessible S3 buckets"
Show controls that are created from QFlow with a name that exactly matches the specified QFlow name.
qflow.name: `S3 buckets`