The Quarantine rule appears to have fired in external DLP. The CASB violation noted that quarantine was the action taken, however, the API request to drop a marker file and move the file to a quarantine folder does not appear to be honored.
When DLP and CASB are integrated the policies created in DLP do not reflect the available remediation options for each securlet. The DLP remediation options remain the same for all securlets
AWS Securlet does not support quarantining files