检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Rule Logic If an EVS disk is associated with an available backup vault, this disk is compliant. If an EVS disk is not associated with an available backup vault, this disk is non-compliant. Parent topic: Elastic Volume Service
If an EVS disk is attached but not encrypted, this disk is non-compliant. Parent topic: Elastic Volume Service
Rule Logic If an EVS disk is backed up within the specified period, this system is compliant. If an EVS disk does not have a backup created within the specified period, this disk is non-compliant. Parent topic: Elastic Volume Service
Parent topic: Elastic Volume Service
Parent topic: Elastic Volume Service
Parent topic: Elastic Volume Service
Solution Encrypt your EVS disks. For details, see Managing Encrypted EVS Disks Rule Logic If an EVS disk is encrypted, this disk is compliant. If an EVS disk is not encrypted, this disk is non-compliant. Parent topic: Elastic Volume Service
C.CS.FOUNDATION.G_5_2.R_1 Ensuring that EVS encryption is enabled volumes-encrypted-check ecs, evs If a mounted EVS disk is not encrypted, this disk is noncompliant.
If a mounted EVS disk is not encrypted, this disk is noncompliant. ecs-attached-hss-agents-check ecs If an ECS does not have an HSS agent installed or the protection mode enabled, this ECS is noncompliant. ecs-instance-agency-attach-iam-agency ecs If an ECS does not have any IAM
Solution Ensure that the EVS disk to be backed up is encrypted. For details, see Managing Encrypted EVS Disks. Rule Logic If a CBR backup is encrypted, this backup is compliant. If a CBR backup is not encrypted, this backup is non-compliant.
backup created within the specified period, this ECS is noncompliant. evs-last-backup-created cbr, evs If an EVS disk does not have a backup created within the specified period, this disk is noncompliant. sfsturbo-last-backup-created cbr, sfsturbo If an SFS Turbo system does not
If an EVS disk is not mounted to any cloud server, this disk is noncompliant. volumes-encrypted-check ecs, evs If a mounted EVS disk is not encrypted, this disk is noncompliant. vpc-acl-unused-check vpc If a network ACL is not attached to any subnets, this ACL is noncompliant. vpc-flow-logs-enabled
If an EVS disk is not mounted to any cloud server, this disk is noncompliant. volumes-encrypted-check ecs, evs If a mounted EVS disk is not encrypted, this disk is noncompliant. vpc-acl-unused-check vpc If a network ACL is not attached to any subnets, this ACL is noncompliant. vpc-default-sg-closed
If an EVS disk is not mounted to any cloud server, this disk is noncompliant. volumes-encrypted-check ecs, evs If a mounted EVS disk is not encrypted, this disk is noncompliant. as-group-ipv6-disabled as If an AS group has an IPv6 shared bandwidth attached, this AS group is noncompliant
If an EVS disk has not been attached to any resources within the specified number of days after being created, this disk is noncompliant. volume-unused-check evs If an EVS disk is not mounted to any cloud server, this disk is noncompliant. cce-cluster-end-of-maintenance-version cce
A resource can be an Elastic Cloud Server (ECS), an Elastic Volume Service (EVS) disk, or a Virtual Private Cloud (VPC). For details about supported resources and regions, see Services and Regions Supported by Config.
group has no user, this user group is noncompliant. iam-user-last-login-check iam If an IAM user does not log in to the system within the specified time range, this user is non-compliant. volume-unused-check evs If an EVS disk is not mounted to any cloud server, this disk is noncompliant
A resource relationship may be described as that an EVS disk is attached to an ECS or an ECS is deployed in a VPC. Through resource relationships, you can gain insights into the structures and dependencies of your resources.
Flow logs Virtual Private Cloud Security groups Subnets Contains Virtual Private Cloud Flow logs Bandwidth contains VPC publicips Elastic IP isContainedIn VPC Bandwidth Virtual Private Cloud VPC isAttachedTo ECS Cloud server ELB Load balancer MRS MRS NAT Gateway Public NAT gateway EVS
Elastic Volume Service EVS Disk Type Check Disks Are Used Within the Specified Time Idle EVS Disk Check EVS Disks Are Encrypted Disk Encryption Are Enabled EVS Disks Have Backup Vaults Attached EVS Backup Time Check Parent topic: Built-In Policies
