检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Table 1 Conformance package description Rule Cloud Service Description apig-instances-ssl-enabled apig If no SSL certificates are attached to a dedicated APIG gateway, this gateway is considered noncompliant. cdn-enable-https-certificate cdn If a domain does not have an HTTPS certificate
this gateway is considered non-compliant. apig-instances-ssl-enabled apig If no SSL certificates are attached to an APIG gateway, this gateway is considered noncompliant. cts-lts-enable cts If a CTS tracker does not have trace transfer to LTS enabled, this tracker is noncompliant
this gateway is considered non-compliant. apig-instances-ssl-enabled apig If no SSL certificates are attached to a dedicated APIG gateway, this gateway is considered noncompliant. as-group-elb-healthcheck-required as If an AS group does not have health check enabled, this AS group
period, this CA is noncompliant. pca-certificate-expiration-check pca If the validity period of a private certificate is not within the specified range, this certificate is noncompliant. apig-instances-execution-logging-enabled apig If logging is not enabled for a dedicated APIG gateway
are in. 1.2 vpc-sg-restricted-ssh You can configure security groups to only allow traffic from some IPs to access the SSH port 22 of ECSs to ensure secure remote access to ECSs. 1.2 smn-lts-enable Enable LTS for SMN topics. 1.4 private-nat-gateway-authorized-vpc-only Use private NAT
Security Conformance Package for Landing Zone Architecture Security Best Practices Best Practices for Network and Content Delivery Service Operations Best Practices for Idle Asset Management Multi-AZ Deployment Best Practices Resource Stability Best Practices Best Practices for API Gateway
Security Conformance Package for Landing Zone Architecture Security Best Practices Best Practices for Network and Content Delivery Service Operations Best Practices for Idle Asset Management Multi-AZ Deployment Best Practices Resource Stability Best Practices Best Practices for API Gateway
confidentiality. vpc-flow-logs-enabled Use VPC flow logs to obtain VPC traffic information. 2.8.1 AIs should ensure that appropriate up-to-date records are maintained in their premises and kept available for inspection by the HKMA. apig-instances-execution-logging-enabled Use API gateway
This includes ensuring that any third parties working on behalf of the SME have appropriate security measures in place. private-nat-gateway-authorized-vpc-only Use private NAT gateways to control VPC connections. 1_DEVELOP GOOD CYBERSECURITY CULTURE: REMEMBER DATA PROTECTION Under
Standards Technology (NIST). vpc-sg-restricted-ssh You can configure security groups to restrict connections to SSH port 23. 2.3 Encrypt all non-console administrative access using strong cryptography. apig-instances-ssl-enabled Enable SSL for APIG REST APIs to authenticate API Gateway