How do I add a policy exception for a compliance issue?

Note: You can follow either of the following paths to drill into a specific resource and look at the recommended next steps to remediate:

1a.) View by Resource 
1b.) View by Framework 
1c.) View by Highest-Impact Fixes 


2.) From the specific resource compliance page expand the compliance control that is out of compliance by clicking it. For example, we'll expand "Default security group has IP permission egress"

Image of resource with compliance tab open

                      ...    <Scroll to the Bottom>   ...

Image of the bottom of a resource page

3.) If you are unable to follow the "Recommended Action" steps to remediate the resource at this time (perhaps it is a known issue that will be addressed in the next sprint, quarter, etc) click "Add Exception or Mitigation"

Image of the exception and mitigation modal.
4a.)  Select "Exception" or "Mitigation"
4b.) Explain the "Reason" and an "Expiration Date" (optional)
4c.) Click "Add Exception" to apply for the duration of time indicated.


This compliance issue will now have an effective exception or mitigation until the expiration date. Move on to the next "Problem" and repeat as needed to address all compliance issues on the resource. 

 

Additional Resources:

How do I remediate a non-compliant resource?