OpsCompass Compliance Reporting Overview

OpsCompass Compliance PDF and CSV reports provide useful downloadable summaries of your compliance status

OpsCompass compliance reporting helps you share important cloud configuration compliance information with those who may not have an OpsCompass account to see it for themselves. Compliance reporting in OpsCompass makes it easy to understand your overall compliance, as well as offering a detailed, per-resource view of compliance problems. 

There are three types of exportable reports from OpsCompass:

  • PDF Report itemizes all resources for the scope accounts for a specific framework.
  • CSV Report itemizes each resource in your current scope & filter to produce a tabular view of compliance check failures.
  • CSV Action Report itemizes check failures in your current scope & filter to help you identify the specific actions that are needed to address compliance check failures.

Creating a PDF Report

Compliance reporting in OpsCompass is sensitive to the Cloud Account Filter feature. Only those accounts and providers you have selected in the page scope are included in your report. Visit this page for more information on working with Cloud Account Filter and Page Filters. (Note: Compliance Reporting is not sensitive to Page Filter.)

From the Compliance Dashboard in OpsCompass, select the framework in the bottom left for which you want to see the report.

Screenshot 2023-09-14 at 1.30.32 PM

From the compliance framework view, select "Download PDF Report." 

Screenshot 2023-09-14 at 1.31.35 PM

A PDF version of the compliance report will be created. In your PDF viewer you will see the title page, with introductory content explaining the overall compliance score, the compliance framework selected, and the accounts in scope. 

Compliance Report Title Page.

Report Sections & Content

Compliance Reports have the following sections and content:

  • Overview — contains information about the framework and scope accounts in the report.

    Compliance Report Overview Section
  • Control Summary — overview of the compliance framework controls, and the counts of compliance check successes and failures for each control. 

    Compliance Report Control Summary
  • Control Results — a detailed report of each resource's compliance status including cloud check status, account name and resource type. 

    Compliance Report Control Results

Creating a CSV Report

OpsCompass can produce a CSV version of the compliance report. The CSV report is intended to provide a detailed list of specific issues, and is better suited to tabular analysis. 

From the Compliance Framework page, click the drop-down arrow next to "Download PDF Report" and choose "Download CSV Report"

Compliance Report CSV Export

The CSV report is sensitive to Scope and Filter. Only those providers, accounts and resources visible in the OpsCompass view will be included in the CSV report. 

CSV Report Tabular View

In this example, the Page Filter included only AWS S3 buckets, and the resulting CSV file reflects that filter. The CSV report contains the following columns:

  • Framework Reference 
  • Policy 
  • Resource Name 
  • Status 
  • Resource Type
  • Account
  • Severity
  • View (link to the OpsCompass Resource Page
  • Check

Creating a CSV Action Report

In addition to the CSV report, OpsCompass also includes a CSV Action Report, which lists only resources with failed checks. This view differs from the CSV report because it is focused on the actions that are needed to address compliance issues identified by OpsCompass. 

From the Compliance Dashboard, select "Download CSV Action Report" from the dropdown.

Screenshot 2023-09-14 at 1.32.13 PM

Like the CSV report, the CSV Action Report is sensitive to Scope & Filter, meaning only the resources in your current OpsCompass view will appear in the report. 

CSV Action Report Tabular View

This example is a CSV Action Report of the same AWS S3 Buckets from the prior example. The columns included in this report are:

  • Severity 
  • Resource Name
  • Account
  • Resource Group
  • Rationale —  why a given check is problematic according to the framework
  • Recommended Action — the suggested remediation steps from the framework
  • View — a link to the resource's OpsCompass page
  • Policy - the description of the framework control
  • Framework Reference — the compliance framework control hierarchy designation