Compliance Rule

Updated 6 months ago by Copado Solutions

A compliance rule holds the criteria that Copado's scanner uses to query and analyze your org's metadata. It also holds the severity of the rule and the action to perform when a finding occurs. You can create compliance rules so that whenever a developer tries to move or update metadata, Copado runs a scan to check whether the changes are compliant.

A compliance rule is not exclusive to one compliance rule group; you can assign the same compliance rule to different compliance rule groups. To learn more about how to create a compliance rule, please visit the article How to Create a Compliance Rule.

Rule Severity Types

  • Low
  • Medium
  • High
  • Critical

Rule Action Types

  • Abort Process:
    • If there is a finding, a visual alert will be shown, a finding record will be created and the process will be immediately aborted. 
  • Continue with an alert:
    • If there is a finding, a visual alert will be shown, a finding record will be created, and the process will continue. 
  • Document Only:
    • If there is a finding, a finding record will be created, and the process will continue with no alert.

Compliance Scope

The Compliance Scope section holds the actual criteria of the compliance rule, which Copado's scanner uses to analyze and safeguard your Salesforce org.

  • Metadata Type:
    • The metadata type that Copado's scanner queries for findings.
    • You can only define one metadata type per rule.
  • Criteria condition rows:
    • These will be the required conditional statements.
  • Criteria Logic:
    • This field contains your advanced criteria logic.

Manage Compliance Rule Criteria

From an existing Compliance Rule record, scroll down to the Criteria section. In this section, you need to add the following information:

  • Metadata Type: Select the metadata type you want to analyze.
    • Compliance rule supported Metadata Types:
      • AccountSettings
      • ActivitiesSettings
      • AddressSettings
      • CaseSettings
      • Certificate
      • CompanySettings
      • ContractSettings
      • CspTrustedSite 
      • CustomObject
      • EntitlementSettings
      • ForecastingSettings
      • IdeasSettings
      • KnowledgeSettings
      • MobileSettings
      • NamedCredential
      • Network
      • PermissionSet
      • Profile
      • SamlSsoConfig
      • SecuritySettings
      • SharingRules
  • In the criteria condition rows, you tailor your own criteria for the selected metadata type and, optionally, design your own filter logic. Each row has four items that together make up a conditional statement:
    • Node: Attribute of the selected metadata type to analyze.
    • Field: Name of the attribute, within that node, being analyzed.
    • Operator: Evaluation argument of the criteria rule. 
    • Value: Value of the attribute. 
    You can add rows to increase the number of conditional statements in the criteria rule and design your own conditional logic in the Criteria Logic textbox. 

For more information about rule criteria and how to add rule criteria to a compliance rule, check out the article How to Add Rule Criteria to a Compliance Rule.
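To illustrate how Node, Field, Operator, Value and Criteria Logic combine with the rule's severity and action, here is an added example (not Copado's code, and not a description of how its scanner is implemented) that evaluates one rule against a constructed Profile metadata file. The operator names, the 1-based row numbers in the logic string, the rule dictionary layout and the per-node evaluation are assumptions made for the illustration.

```python
import ast, re
import xml.etree.ElementTree as ET

NS = {"md": "http://soap.sforce.com/2006/04/metadata"}  # Salesforce Metadata API namespace
OPS = {"equals": lambda a, b: a == b, "not equals": lambda a, b: a != b}  # assumed operator names
# Action type -> (alert shown, process aborted), as listed under Rule Action Types
ACTIONS = {"Abort Process": (True, True), "Continue with an alert": (True, False),
           "Document Only": (False, False)}

def eval_logic(expr, results):
    """Evaluate logic such as '1 AND (2 OR 3)' over per-row booleans without eval()."""
    lowered = re.sub(r"\b(AND|OR|NOT)\b", lambda m: m.group().lower(), expr)
    def walk(n):
        if isinstance(n, ast.BoolOp):
            vals = [walk(v) for v in n.values]
            return all(vals) if isinstance(n.op, ast.And) else any(vals)
        if isinstance(n, ast.UnaryOp) and isinstance(n.op, ast.Not):
            return not walk(n.operand)
        if isinstance(n, ast.Constant) and type(n.value) is int and 1 <= n.value <= len(results):
            return results[n.value - 1]  # rows are numbered from 1 (assumption)
        raise ValueError("unsupported criteria logic")
    return walk(ast.parse(lowered, mode="eval").body)

def scan(rule, xml_text):
    """Return the findings plus the alert/abort outcome for one metadata file."""
    findings = []
    # All rows are checked against the same node instance (assumption)
    for inst in ET.fromstring(xml_text).findall(f"md:{rule['node']}", NS):
        rows = [OPS[op](inst.findtext(f"md:{field}", "", NS), value)
                for field, op, value in rule["rows"]]
        if eval_logic(rule["logic"], rows):
            findings.append({"severity": rule["severity"], "node": rule["node"],
                             "match": inst.findtext("md:name", "", NS)})
    alert, abort = ACTIONS[rule["action"]] if findings else (False, False)
    return {"findings": findings, "alert": alert, "abort": abort}

# Constructed sample: a Profile that grants Modify All Data
PROFILE = """<Profile xmlns="http://soap.sforce.com/2006/04/metadata">
  <userPermissions><enabled>true</enabled><name>ModifyAllData</name></userPermissions>
  <userPermissions><enabled>false</enabled><name>ManageUsers</name></userPermissions>
</Profile>"""

# Hypothetical rule: one metadata type, two criteria rows, logic "1 AND 2"
RULE = {"metadata_type": "Profile", "severity": "Critical", "action": "Abort Process",
        "node": "userPermissions", "logic": "1 AND 2",
        "rows": [("name", "equals", "ModifyAllData"), ("enabled", "equals", "true")]}

if __name__ == "__main__":
    print(scan(RULE, PROFILE))
```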

You can also create compliance rules using the Other record type. These rules are not analyzed by Copado's scanner.

On the Compliance Rule page, you can view the related list of compliance findings, each with a reference to its compliance scan.

Copado Compliance Hub preset rules are available as an installable extension on DevOps Exchange in the Community. You can import them into your Copado org and use them in your scans.
