Custom CSPM Rules

Aikido’s Custom CSPM Rules let you define cloud misconfiguration rules in natural language. Each rule generates new issues in the feed based on your cloud asset searches. These issues support the same functionality as other issues in the feed, e.g., ignore, snooze, alert notifications, and task creation.

Use cases

  • Flagging any cloud buckets stored outside the EU

  • Detecting resources with public exposure

  • Enforcing tagging compliance on cloud assets

Create a Custom CSPM Rule

Step 1. Go to the Cloud Assets page in Aikido.

Step 2. Click Custom CSPM Rules.

Step 3. Click Create custom rule on the Custom Rules Page.

Step 4. Fill in the necessary details to create the rule:

  • Add a related search query to define the condition that triggers the issue (e.g. show buckets outside of eu).

  • Issue title

  • TL;DR

  • How to fix

  • Score (this impacts severity)

Step 5. Your rule will be added to the page. You can always edit or delete it from the action dropdown menu.

Step 6. Trigger a new cloud scan manually to have matching results appear in the feed.

Important Notes

  • Custom CSPM rules are only evaluated during scheduled (nightly) cloud scans, not immediately upon creation. To see your issues in the feed earlier, run a manual scan.

  • These rules generate cloud misconfiguration issues, which support all standard issue features (severity adjustment, Slack integration, task creation, etc.).

  • Custom CSPM rules are applied across all connected cloud accounts.
