To create a cloud security policy:
Navigate to Posture Management → Rules & Policies → Policies → Cloud Security.
Click Create Policy.
On the Details page, provide Policy Name, Description, and Labels (optional).
Click Next.
On the Rules page, select which rules to be alerted on by using the available filters. You have three options:
All Matching Filter Criteria - Include rules that match specific attributes (e.g., all critical severity rules).
From Rules List - Manually select specific rules from the available inventory.
All Rules - Include all available rules.
Click Next.
On the Scope page, select which scope to be alerted on:
From Cloud Accounts - Select the specific cloud provider account to which the asset belongs.
From Asset Groups - Select the specific logical groupings of assets (e.g., "Production" or "PCI Environment"). An asset group can have assets across different accounts, as the filter logic for the group can be generic (e.g., provider = AWS).
All Cloud Assets - Apply to the entire tenant.
Click Done to save the policy.