检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
DCS Memcached Instances Are in a Specified VPC Rule Details Table 1 Rule details Parameter Description Rule Name dcs-memcached-in-vpc Identifier dcs-memcached-in-vpc Description If a DCS Memcached instance is not in the specified VPC, this instance is noncompliant. Tag dcs Trigger
ECS Backup Time Check Rule Details Table 1 Rule details Parameter Description Rule Name ecs-last-backup-created Identifier ECS Backup Time Check Description If an ECS does not have a backup created within the specified period, this ECS is non-compliant. Tag cbr, ecs Trigger Type Periodic
DCS Redis Instances Are in the Specified VPC Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-in-vpc Identifier dcs-redis-in-vpc Description If a DCS Redis instance is not in the specified VPC, this instance is noncompliant. Tag dcs Trigger Type Configuration
Multi-AZ Deployment Has Been Configured Rule Details Table 1 Rule details Parameter Description Rule Name as-multiple-az Identifier Multi-AZ Deployment Has Been Configured Description If an AS group is deployed in a single AZ, this AS group is non-compliant. Tag as Trigger Type Configuration
Key Rotation Has Been Enabled Rule Details Table 1 Rule details Parameter Description Rule Name kms-rotation-enabled Identifier Key Rotation Has Been Enabled Description If key rotation is not enabled for a KMS key, this key is non-compliant. Tag kms Trigger Type Configuration change
MFA Has Been Enabled for Console Login Rule Details Table 1 Rule details Parameter Description Rule Name mfa-enabled-for-iam-console-access Identifier mfa-enabled-for-iam-console-access Description If MFA is not enabled for an IAM user who has a console password, this IAM user is
Conformance Package for ECS The following table lists the rules and solutions included in this conformance package template. Table 1 Conformance package description Rule Cloud Service Description ecs-instance-key-pair-login ecs If key pair authentication is not required for ECS logging
Number of ECS vCPUs Rule Details Table 1 Rule details Parameter Description Rule Name ecs-instance-cpu-check Identifier Number of ECS vCPUs Description If an ECS has fewer vCPUs than required, the check result is non-compliant. Tag ecs Trigger Type Configuration change Filter Type
ECS Instances Are in the Specified VPC Rule Details Table 1 Rule details Parameter Description Rule Name ecs-instance-in-vpc Identifier ECS Instances Are in the Specified VPC Description If an ECS is not in the specified VPC, this ECS is non-compliant. Tag ecs, vpc Trigger Type Configuration
DCS for Memcached Access Password Check Rule Details Table 1 Rule details Parameter Description Rule Name dcs-memcached-password-access Identifier DCS for Memcached Access Password Check Description If a DCS for Memcached instance can be accessed without a password, this instance
DCS for Redis Instance Version Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-engine-version-check Identifier DCS for Redis Instance Version Description If a DCS for Redis instance is earlier than the specified version, the check result is non-compliant
The Root User Has MFA Enabled Rule Details Table 1 Rule details Parameter Description Rule Name root-account-mfa-enabled Identifier root-account-mfa-enabled Description If the root user does not have MFA enabled, this root user is noncompliant. Tag iam Trigger Type Periodic Filter
Idle ECS Check Rule Details Table 1 Rule details Parameter Description Rule Name stopped-ecs-date-diff Identifier Idle ECS Check Description If an ECS has been stopped for longer than the time allowed, and no operations have been performed on it, this ECS is non-compliant. Tag ecs
SSL Has Been Enabled Rule Details Table 1 Rule details Parameter Description Rule Name dds-instance-enable-ssl Identifier SSL Has Been Enabled Description If SSL is not enabled for a DDS instance, this instance is non-compliant. Tag dds Trigger Type Configuration change Filter Type
DCS for Redis Instance Port Check Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-port-check Identifier DCS for Redis Instance Port Check Description If a DCS for Redis instance is using a disabled port, the check result is non-compliant. Tag dcs Trigger
ECS Memory Size Rule Details Table 1 Rule details Parameter Description Rule Name ecs-instance-memory-check Identifier ECS Memory Size Description If an ECS has less memory than required, the check result is non-compliant. Tag ecs Trigger Type Configuration change Filter Type ecs.cloudservers
DCS for Redis Access Password Check Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-password-access Identifier DCS for Redis Access Password Check Description If a DCS for Redis instance can be accessed without a password, this instance is non-compliant
ECS Status Check Rule Details Table 1 Rule details Parameter Description Rule Name ecs-instance-status-no-stopped Identifier ECS Status Check Description If an ECS is not in the stopped state, the check result is non-compliant. Tag ecs Trigger Type Configuration change Filter Type
DCS for Memcached Instances Support SSL Rule Details Table 1 Rule details Parameter Description Rule Name dcs-memcached-enable-ssl Identifier DCS for Memcached Instances Support SSL Description If a DCS for Memcached instance can be accessed through public networks but does not support
DCS for Redis Instances Support SSL Rule Details Table 1 Rule details Parameter Description Rule Name dcs-redis-enable-ssl Identifier DCS for Redis Instances Support SSL Description If a DCS Redis instance can be accessed over public networks but does not support SSL, this instance
