Add findings sources for VMware Tanzu Guardrails governance in VMware Tanzu Hub

Add external finding sources so that you can combine cloud-native governance findings with the Tanzu Guardrails governance findings for a single list of vulnerabilities related to your cloud resources.

Findings report the misconfiguration or vulnerabilities for your resources. Findings are based on policies that define industry standards or configuration rules, or your own requirements. In addition to the governance policies that you define and apply in VMware Tanzu Hub, you can also pull in the cloud-native monitoring data so that you can evaluate all your vulnerabilities in a single user interface. For example, Amazon GuardDuty, Amazon Inspector, and Microsoft Defender for Cloud.

Before you begin

  • Verify that the monitoring services are turned on in your cloud provider.
  • Add accounts and verify that the IAM policies include your finding sources.

Activate an external finding source

The external finding sources are collected from the cloud provider when you add a cloud account. To add them to the findings, you must activate the finding source.

  1. Select Administration > Set Up and Configure > Findings sources.
  2. Click View on the tile for the source you want to add.
  3. To activate an inactive source, select one or more sources and click Activate.

How to review the findings for the added sources

When the finding sources are active and healthy, you can use the information to review problems based on the attention score.

  1. To review the report findings for any of the sources, select Intelligence Services > Guardrails > Findings.
  2. To limit the findings to a source, apply the Finding Source filter by selecting the source, and click Apply.

    For example, select Amazon GuardDuty.

  3. To troubleshoot a finding, expand the details for that finding.

    • To review the cloud provider policy, click the Policy link.
    • To review the affected resource in Hub, click the Resource name link.

For additional governance troubleshooting options, see Investigate VMware Tanzu Guardrails findings.

How to determine if the finding sources are providing data

If you do not see findings from your finding sources, review the status and health of the finding sources.

  1. Select Administration > Set Up and Configure > Findings sources.
  2. Select the source and review the Status and Health Status.

    Status Health Status What it means Possible remediation actions
    Active Healthy The source is connected in VMware Tanzu Hub and collecting data. Event monitoring might not be configured for the account. If configured, the updates are real-time. If it is not configured, the updates are approximately every 12 hours.
    Active Not triggered The source is activated in VMware Tanzu Hub but cannot receive data.
    • The source service is not enabled for the account in the cloud provider. Go to your cloud account and verify that the service is enabled.
    • The account is not configured with the latest IAM policy. Rerun your account configuration to get the latest script updates.
    Inactive Healthy The source is not activated in VMware Tanzu Hub but the account is ready to collect data. Activate the source.
    Inactive Not triggered The source is not activated in VMware Tanzu Hub and VMware Tanzu Hub cannot receive data.
    • Activate the source.
    • The source service is not enabled for the account in the cloud provider. Go to your cloud account and verify that the service is enabled.
    • The account is not configured with the latest IAM policy. Rerun your account configuration to get the latest script updates.

Parent topic:Setting up data connections in VMware Tanzu Hub

check-circle-line exclamation-circle-line close-line
Scroll to top icon