Get answers to frequently asked support questions for Cloud Posture.
How do I manage Lambda-009 and SecretsManager-001 rule failures related to Agentless Vulnerability & Threat Detection?
The relevant Agentless Vulnerability & Threat Detection resources are securely encrypted with default keys. In addition, the environment variables do not contain any secrets, so adding additional encryption using customer-managed keys is not required.
To prevent Trend Cloud One - Conformity from impacting the rules compliance of your cloud accounts, exclude the resources from the Lambda-009 and SecretsManager-001 rules. You can create a rule exception using the resource tag AppManagerCFNStackKey::V1 Agentless Vulnerability and Threat Detection to exclude the resources from the rules.
Alternatively, you can create and apply an exceptions profile using the resource tag:
-
Merge the profile with the affected accounts to apply the rule exceptions.