Fix Invalid Controls
In this guide, you will:
- Use Guardrails console to identify and fix controls in an invalid state.
Controls enforce policies to ensure cloud resources remain compliant and Guardrails functions properly. Controls in OK, Alarm, or Skipped states indicate a healthy environment. Regularly resolving controls in an Invalid or error state helps maintain consistency and avoid errors.
Prerequisites
- Turbot/Operator permissions at the Turbot resource level.
- Familiarity with the Guardrails console.
Step 1: Login to Guardrails Console
Log in to the Guardrails console.
Step 2: Navigate to Reports
Choose Reports from the top navigation menu.
Step 3: View Control Alerts
From Controls, select Alerts by Control Type.
Select Invalid from the State filter dropdown to display all invalid controls.
Step 4: Find Invalid Control
Select the desired invalid control from the list to view detailed information and investigate further.
The control page explains why the control is in an invalid state. In this case, the issue arises because the required sub-policies for the active control are set to Skip.
Step 5: Fix Control Issues
Select the Policies tab to display the list of sub-policies currently in a Skipped state.
Select the sub-policy, choose the desired setting, and click Create to apply the changes.
The control re-evaluates the policies and transitions to an OK state if the settings are correctly applied.
Step 6: Optimizing Controls
- Review the controls in Invalid state and take the necessary actions.
- If the state is due to policy misconfiguration, carefully adjust the settings and apply the changes as required. Ensure that all configurations align with the workspace's needs to resolve the issue effectively.
- For product-related issues, document and report them for further investigation.
- Additionally, to maintain efficiency, skip resources or controls that are not a priority to reduce noise and wastage.
If you encounter any issues, please Open a Support Ticket and attach the relevant information to assist you more efficiently:
- A screenshot of the Guardrails control in an invalid state.
- A screenshot of the Guardrails policy in an invalid state.
- Provide the control log. Refer here to extract the log.