配置审计 Config-列出内置策略:响应示例

时间：2023-11-01 16:16:57
配置审计 Config
响应示例

状态码： 200
操作成功。
{  "value" : [ {    "id" : "5fa365476eed194ccb2c04d1",    "name" : "volumes-encrypted-check",    "policy_type" : "builtin",    "description" : "已挂载的云硬盘未进行加密，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "evs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "volumes"      }, {        "value" : "${resource().properties.status}",        "comparator" : "equals",        "pattern" : "in-use"      }, {        "anyOf" : [ {          "value" : "${resource().properties.metadata}",          "comparator" : "notContainsKey",          "pattern" : "systemEncrypted"        }, {          "value" : "${resource().properties.metadata.systemEncrypted}",          "comparator" : "equals",          "pattern" : "0"        } ]      } ]    },    "keywords" : [ "evs", "ecs" ],    "parameters" : { }  }, {    "id" : "5fa9f89b6eed194ccb2c04db",    "name" : "required-tag-check",    "policy_type" : "builtin",    "description" : "指定一个标签，不具有此标签的资源，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "anyOf" : [ {        "value" : "${contains(resource().tags, parameters('specifiedTagKey'))}",        "comparator" : "equals",        "pattern" : false      }, {        "allOf" : [ {          "value" : "${length(parameters('specifiedTagValue'))}",          "comparator" : "greater",          "pattern" : 0        }, {          "value" : "${getValue(resource().tags, parameters('specifiedTagKey'))}",          "comparator" : "notIn",          "pattern" : "${parameters('specifiedTagValue')}"        } ]      } ]    },    "keywords" : [ "tag" ],    "parameters" : {      "specifiedTagKey" : {        "name" : null,        "description" : "the specified tag key。",        "allowed_values" : null,        "default_value" : null,        "type" : "String"      },      "specifiedTagValue" : {        "name" : null,        "description" : "The list of allowed tag value, permit all if empty。",        "allowed_values" : null,        "default_value" : null,        "type" : "Array"      }    }  }, {    "id" : "5fa265c0aa1e6afc05a0ff07",    "name" : "allowed-images-by-id",    "policy_type" : "builtin",    "description" : "指定允许的镜像ID列表，ECS实例的镜像ID不在指定的范围内，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "ecs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "cloudservers"      }, {        "value" : "${resource().properties.metadata.meteringImageId}",        "comparator" : "notIn",        "pattern" : "${parameters('listOfAllowedImages')}"      } ]    },    "keywords" : [ "ecs", "ims" ],    "parameters" : {      "listOfAllowedImages" : {        "name" : null,        "description" : "The list of allowed image IDs。",        "allowed_values" : null,        "default_value" : null,        "type" : "Array"      }    }  }, {    "id" : "5fa36558aa1e6afc05a3d0a7",    "name" : "volume-inuse-check",    "policy_type" : "builtin",    "description" : "云硬盘未挂载给任何云服务器，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "evs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "volumes"      }, {        "value" : "${resource().properties.status}",        "comparator" : "equals",        "pattern" : "available"      } ]    },    "keywords" : [ "evs" ],    "parameters" : { }  }, {    "id" : "5fa3a1196eed194ccb2c04d7",    "name" : "allowed_volume_specs",    "policy_type" : "builtin",    "description" : "指定允许的云硬盘类型列表，云硬盘的类型不在指定的范围内，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "evs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "volumes"      }, {        "value" : "${resource().properties.volumeType}",        "comparator" : "notIn",        "pattern" : "${parameters('listOfAllowedSpecs')}"      } ]    },    "keywords" : [ "evs" ],    "parameters" : {      "listOfAllowedSpecs" : {        "name" : null,        "description" : "The list of allowed disk specifications。",        "allowed_values" : null,        "default_value" : null,        "type" : "Array"      }    }  }, {    "id" : "5f8d549bffeecc14f1fb522a",    "name" : "allowed_ecs_flavors",    "policy_type" : "builtin",    "description" : "ECS资源的规格不在指定的范围内，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "ecs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "cloudservers"      }, {        "value" : "${resource().properties.flavor.name}",        "comparator" : "notIn",        "pattern" : "${parameters('listOfAllowedFlavors')}"      } ]    },    "keywords" : [ "ecs" ],    "parameters" : {      "listOfAllowedFlavors" : {        "name" : null,        "description" : "The list of allowed flavor types。",        "allowed_values" : null,        "default_value" : null,        "type" : "Array"      }    }  }, {    "id" : "5fa3a1196eed194ccb2c04d5",    "name" : "eip-unbound-check",    "policy_type" : "builtin",    "description" : "弹性公网IP未进行任何绑定，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "vpc"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "publicips"      }, {        "value" : "${resource().properties.status}",        "comparator" : "equals",        "pattern" : "DOWN"      } ]    },    "keywords" : [ "vpc" ],    "parameters" : { }  }, {    "id" : "5f8d5428ffeecc14f1fb5205",    "name" : "ecs-instance-no-public-ip",    "policy_type" : "builtin",    "description" : "ECS资源具有公网IP，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "ecs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "cloudservers"      }, {        "value" : "${length(filter(resource().properties.addresses, lambda x: equals(x.OsExtIpsType, 'floating')))}",        "comparator" : "greater",        "pattern" : 0      } ]    },    "keywords" : [ "ecs" ],    "parameters" : { }  }, {    "id" : "5fa265c0aa1e6afc05a0ff10",    "name" : "ecs-instance-in-vpc",    "policy_type" : "builtin",    "description" : "指定虚拟私有云ID，不属于此VPC的ECS资源，视为“不合规”。",    "policy_rule_type" : "dsl",    "policy_rule" : {      "allOf" : [ {        "value" : "${resource().provider}",        "comparator" : "equals",        "pattern" : "ecs"      }, {        "value" : "${resource().type}",        "comparator" : "equals",        "pattern" : "cloudservers"      }, {        "value" : "${resource().properties.metadata.vpcId}",        "comparator" : "notEquals",        "pattern" : "${parameters('vpcId')}"      } ]    },    "keywords" : [ "ecs", "vpc" ],    "parameters" : {      "vpcId" : {        "name" : null,        "description" : "VPC ID that contains the ECS instance。",        "allowed_values" : null,        "default_value" : null,        "type" : "String"      }    }  } ],  "page_info" : {    "current_count" : 9,    "next_marker" : null  }}
上一篇：配置审计 Config-查询指定聚合合规规则详情:请求参数
下一篇：配置审计 Config-列出内置策略:请求参数