Enable Intelligent Fixes
In this guide, you will learn how to:
- Get AI-generated remediation steps for non-compliant resources.
- Review and implement recommended fixes for security and compliance issues.
- Understand the context and impact of suggested remediation actions.
When a resource is found to be non-compliant i.e. enters an alarm state, Intelligent Fixes analyzes:
- Alert Summary: Clear explanation of why the control is in alarm and what needs to be addressed.
- Guardrails Actions: Available
Quick Actionsand policy changes within the platform. - Cloud Provider CLI: Direct commands for AWS, Azure, gcloud, kubectl, and gh CLIs to fix the misconfiguration.
- Infrastructure-as-Code: Terraform plans to remediate the issue via code.
Prerequisites
- Turbot/Admin permissions at the Turbot resource level.
- Familiarity with the Guardrails console.
- Ensure that Turbot > AI > Configuration is set up.
Step 1: Enable Intelligent Fixes
In the Policies tab, navigate to Turbot > AI > Control > Intelligent Fixes and select the Enabled option. Create a new setting by selecting New Policy Setting.
NoteThe default value is Disabled. You can enable it based on your requirements.If enabled at the Turbot level in Turbot AI Configuration > Step 7, the Intelligent Assessment control becomes available for use.
For this guide, the Turbot > AI > Control > Intelligent Fixes > Enabled policy is set to Enabled.
Step 2: Check Remediation
Navigate to any control in the ALARM state. The remediation steps will automatically begin to load, and you will see an initial message: "Generating remediation steps…".
For example, let's consider AWS > S3 > Bucket > Tags.
The AI will analyze the non-compliant resource and generate remediation steps in multiple options such as CLI, Terraform, and CloudFormation.
Remediation in Terraform
Remediation in CLI
You can select the CLI option from the Remediation Steps dropdown to view the required CLI commands.
NoteThe output is generated by the AI provider and may vary based on the model's capabilities and input details.
Step 3: Check Quick Action
Quick Actions provide an option to perform one-time control enforcements directly within your cloud environment. When enabled for any control, these actions appear in the remediation panel alongside the detailed remediation steps.
Check Quick Actions for more details on enabling it.
Note(/guardrails/docs/guides/using-guardrails/quick-actions#enabling-quick-actions) are available for select controls and provide a fast, automated way to remediate common issues. Always review each action before applying it to ensure it aligns with your compliance requirements.
Next Steps
To explore more Guardrails features:
- Intelligent Assessment Control
- Policy Pack Summary
- Configure Guardrails MCP Server
- Developing guardrails for Guardrails
Troubleshooting
| Issue | Description | Guide |
|---|---|---|
| Further Assistance | If issues persist, please open a support ticket and attach relevant information to help us assist you more efficiently. | Open Support Ticket |