Reviewing evidence in AWS Audit Manager
When you need to review a specific piece of evidence, follow the instructions on this page. You'll find the evidence details organized into several sections.
Prerequisites
The following procedure assumes that you have previously created at least one assessment. If you haven’t created an assessment yet, you won’t see any results when you follow these steps.
Make sure your IAM identity has appropriate permissions to view an assessment in AWS Audit Manager. Two suggested policies that grant these permissions are AWSAuditManagerAdministratorAccess and Allow users management access to AWS Audit Manager.
Keep in mind that it takes up to 24 hours for an assessment to start collecting automated evidence. If your assessment has no evidence yet, you won’t see any results when you follow these steps.
Procedure
To open and review an evidence details page
Open the AWS Audit Manager console at https://console.aws.amazon.com/auditmanager/home
. -
In the navigation pane, choose Assessments, and then choose an assessment.
-
From the assessment page, choose the Controls tab, scroll down to the Controls table, and then choose a control.
-
From the control page, choose the Evidence folders tab.
-
In the Evidence folders table, choose the name of an evidence folder.
-
Choose the evidence name under the Time column to open the evidence details page.
-
Review the evidence details using the following information as reference.
Sections of an evidence details page
Summary
You can use the Summary section to see an overview of the evidence.
In this section, you can review the following information:
| Name | Description |
|---|---|
|
1. Evidence ID |
The unique identifier for the evidence. |
|
2. Date and time |
The time and date when the evidence was collected. This is represented in Coordinated Universal Time (UTC). |
| 3. Compliance check |
The evaluation status for compliance check evidence.
|
| 4. Data source mapping |
The mapping keyword that was used to collect the evidence. |
| 5. Data source type |
The type of data source where the evidence was collected from. |
| 6. Account ID |
The AWS account that's associated with the evidence. |
| 7. IAM ID |
The relevant user or role, if applicable. |
| 8. Assessment |
The name of the assessment that's associated with the evidence. |
| 9. Control |
The name of the control that's associated with the evidence. |
| 10. Evidence folder name |
The name of the evidence folder that contains the evidence. |
| 11. Include in assessment report |
The switch that enables you to include or exclude the evidence from the assessment report. |
Attributes
You can use the Attributes table to see the evidence attributes in detail.
In this table, you can review the following information:
| Name | Description |
|---|---|
|
Attribute name |
The key for the attribute. |
|
Value |
The value of the attribute. In some cases, a link to a JSON file is provided with more information. |
Resources included
You can use the Resources included table to see the resources that were assessed to generate this evidence.
In this section, you can review the following information:
| Name | Description |
|---|---|
|
ARN |
The Amazon Resource Name (ARN) of the resource. An ARN might not be available for all evidence types. |
|
Resource compliance |
The evaluation status for the resource.
|
| Value |
More information about the resource assessment. In some cases, a link to a JSON file is provided with more information. |
Additional resources
-
For solutions to evidence issues in Audit Manager, see Troubleshooting assessment and evidence collection issues.
