Guide to add a custom security rule
backend/rules
like this one.
UID
like iam/no_root_access_keys
. This is made from a service (e.g. iam
) and a rule name (e.g. no_root_access_keys
).Description
for the rule.Severity
level from Low
, Moderate
, High
, and Critical
.RiskCategories
that describe the rule. Choose from Insufficient Monitoring
, Publicly Exposed
, Poor Encryption
, IAM Misconfiguration
, Patching Issue
, Unused Resource
, Data Access
, and Poor Backup
.Execute
. This is a Cypher query that returns a resource_id
, resource_type
, account_id
, status
, and context
.MisconfigurationRulesToExecute
or AttackPathsRulesToExecute
heredisplayType
entry here. (This is to set the label of the resource in the UI.)