检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Each User Group Has at Least One User Rule Details Table 1 Rule details Parameter Description Rule Name iam-group-has-users-check Identifier iam-group-has-users-check Description If an IAM user group has no users, this user group is noncompliant. Tag iam Trigger Type Configuration
DCS Redis Instances Do Not Have EIPs Attached Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-no-public-ip Identifier dcs-redis-no-public-ip Description If a DCS Redis instance has an EIP attached, this instance is noncompliant. Tag dcs Trigger Type Configuration
A CSS Cluster Has at Least Two Instances Rule Details Table 1 Rule details Parameter Description Rule Name css-cluster-multiple-instances-check Identifier css-cluster-multiple-instances-check Description If a CSS cluster only has one instance, this cluster is noncompliant. Tag css
DCS Memcached Instances Do Not Have EIPs Attached Rule Details Table 1 Rule details Parameter Description Rule Name dcs-memcached-no-public-ip Identifier dcs-memcached-no-public-ip Description If a DCS Memcached instance has an EIP attached, this instance is noncompliant. Tag dcs
DCS Memcached Instances Are in a Specified VPC Rule Details Table 1 Rule details Parameter Description Rule Name dcs-memcached-in-vpc Identifier dcs-memcached-in-vpc Description If a DCS Memcached instance is not in the specified VPC, this instance is noncompliant. Tag dcs Trigger
An ECS Does Not Have Multiple EIPs Attached Rule Details Table 1 Rule details Parameter Description Rule Name ecs-multiple-public-ip-check Identifier ecs-multiple-public-ip-check Description If an ECS has multiple EIPs attached, this ECS is noncompliant. Tag ecs Trigger Type Configuration
DCS Redis Instances Are in the Specified VPC Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-in-vpc Identifier dcs-redis-in-vpc Description If a DCS Redis instance is not in the specified VPC, this instance is noncompliant. Tag dcs Trigger Type Configuration
Multi-AZ Deployment Has Been Configured Rule Details Table 1 Rule details Parameter Description Rule Name as-multiple-az Identifier as-multiple-az Description If an AS group is deployed in a single AZ, this AS group is noncompliant. Tag as Trigger Type Configuration change Filter
Key Rotation Has Been Enabled Rule Details Table 1 Rule details Parameter Description Rule Name kms-rotation-enabled Identifier kms-rotation-enabled Description If key rotation is not enabled for a KMS key, this key is noncompliant. Tag kms Trigger Type Configuration change Filter
MFA Has Been Enabled for Console Login Rule Details Table 1 Rule details Parameter Description Rule Name mfa-enabled-for-iam-console-access Identifier mfa-enabled-for-iam-console-access Description If MFA is not enabled for an IAM user who has a console password, this IAM user is
Conformance Package for ECS The following table lists the rules and solutions included in this conformance package template. Table 1 Conformance package description Rule Cloud Service Description ecs-instance-key-pair-login ecs If key pair authentication is not required for ECS logging
The Root User Has MFA Enabled Rule Details Table 1 Rule details Parameter Description Rule Name root-account-mfa-enabled Identifier root-account-mfa-enabled Description If the root user does not have MFA enabled, this root user is noncompliant. Tag iam Trigger Type Periodic Filter
Idle ECS Check Rule Details Table 1 Rule details Parameter Description Rule Name stopped-ecs-date-diff Identifier stopped-ecs-date-diff Description If an ECS has been stopped for longer than the time allowed, and no operations have been performed on it, this ECS is noncompliant. Tag
SSL Has Been Enabled Rule Details Table 1 Rule details Parameter Description Rule Name dds-instance-enable-ssl Identifier dds-instance-enable-ssl Description If SSL is not enabled for a DDS instance, this instance is noncompliant. Tag dds Trigger Type Configuration change Filter Type
Log Reporting to LTS Has Been Enabled Rule Details Table 1 Rule details Parameter Description Name smn-lts-enable Identifier smn-lts-enable Description If Report Logs to LTS has not been enabled for a topic, this topic is noncompliant. Tag smn Trigger Type Configuration change Filter
DCS Redis Instances Support SSL Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-enable-ssl Identifier dcs-redis-enable-ssl Description If a DCS Redis instance can be accessed over public networks but does not support SSL, this instance is noncompliant.
DCS Memcached Instances Support SSL Rule Details Table 1 Rule details Parameter Description Name dcs-memcached-enable-ssl Identifier dcs-memcached-enable-ssl Description If a DCS Memcached instance can be accessed through public networks but does not support SSL, this instance is
