- Looking at the compliance report for an AWS account shows that some rules are missing from a section/sections.
- Example: AWS_CIS_1_1, LW_AWS_NETWORKING_41
- Config integration completed with AWS account/s
- Initial compliance report completed and available
- You can find this by navigating to "Compliance" -> "AWS" -> "Reports" and selecting the correct account and report run.
- You have a large number of assets and/or other tools that heavily use your AWS account API.
In rare circumstances, the initial setup of the config integration may lead to that AWS account being rate limited and unable to complete every item on the report. The next daily scheduled run should complete as normal once the rate-limiting has been reset.
NOTE: Running manual compliance scans will not address this issue, the more scans you run manually the more requests Lacework will do towards AWS. This will run the risk of becoming rate limited.
If this issue is reoccurring with multiple scans please reach out to Lacework Support for further assistance.
AWS documentation around API rate limiting