1. Help Center
  2. Core Flows
  3. Core Features - Compliance

How do I add a bulk policy exception or mitigation?

Either via the compliance view, or the inventory view, you need to navigate to the compliance resource page that lists out the problems for the resource in order to place a bulk policy exception or mitigation.

1.) From the compliance problems page ensure that the problem you want to place a bulk policy exception on is expanded (in the example below this is "Storage Container containing Activity Logs must be encrypted with 'BYOK') 

2.) Click "More information about this rule"

Screen Shot 2020-07-28 at 2.54.52 PM

3.) Click "Select All" to select all the resources that are currently violating this rule across all of your cloud accounts. (Obviously you do not have to select all - just ensure that the resources you want to have the policy exception/mitigation applied in bulk are selected). 

Screen Shot 2020-07-28 at 3.03.19 PM

4a.) Click "Policy Exception",

4b.) Explain the "Reason" and an Expiration Date (optional) for the exception,

4c.) Click "Add Policy Exception" to apply this exception for the duration of time indicated.

Screen Shot 2020-07-28 at 3.04.18 PMNote: the process is the same if you want to add a mitigation, but with the mitigation button instead of the Policy Exception


It should be noted that policy exceptions will only be applied to resources that are currently in the environment, and not towards future resources that may violate this compliance rule. If you want to turn off notifications for future resources that violate this rule then follow the steps for: Disable Rule.


Additional Resource: 

Place a policy exception on a single resource.