Other Integrations & Connections

Setting up Framework Tags in AWS

  • Updated

Framework tags are a feature that lets you tag resources in AWS and use them in Vanta to manage which resources should be included in which audits. For example, tagging an EC2 instance with the SOC 2 tag will make the EC2 instance invisible in audits for any other framework. You can also add tags that make the resource out of scope from all audits. 

Please note, this feature is currently in Beta. If you would like more information please reach out to Vanta's Customer Success team
  • Log into the AWS console.
  • Navigate to the AWS resource for which you would like to add tags.
  • Click on the Tagging tab.
  • Select Edit on the top right of the Tags section.

  • Click Add new tag
  • Enter VantaFramework as the key, and <my-framework-name> as the value.
  • For example
    • If you want the resource to only be scoped in for SOC 2, the tag's value will be soc2 
    • If you want the resource to be scoped in for multiple frameworks, set the tag's value to be a colon-delimited list of frameworks. For example, if I want the resource to be in scope for SOC 2 and PCI, the tag's value will be soc2:pci
    • If you want the resource to be excluded from all frameworks, set the tag's value to exclude-all
  • Click Save.
  • Log in to Vanta, and navigate to the Tests page.
  • If the tagged resource fails one of your tests, you will be able to see it on the test details page with the applied tags.

  • If you enter the audit view for a framework for which the resource is not scoped in, it will not appear on the inventory page. For example, if one of my SQS queues is not scoped in for GDPR, it will not appear on the below page. 



FAQs

I updated my AWS tags. Why aren’t they appearing in the UI?

  • Vanta fetches your AWS resources about once per hour, and so they will appear once this happens. 

What if I don’t have permission to edit tags in the AWS console? 

    • Your engineering team might use Terraform or another tool to manage your infrastructure. In this case, please ask the engineering team to add the tags from within Terraform.