检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Template createTemplate Deleting a template Template deleteTemplate Querying Audit Logs For details about how to query audit logs, see Viewing CTS Traces in the Trace List.
Figure 8 Configuring an audit account Click Next. Determine whether to enable CTS. If you do not enable CTS, RGC will not manage your CTS audit logs. It is strongly recommended that you enable CTS.
Figure 7 Configuring an audit account Click Next. Determine whether to enable CTS. If you do not enable CTS, RGC will not manage your CTS audit logs. It is strongly recommended that you enable CTS.
Check the number of accounts. 400 RGC.1233 Core Organization can only has two accounts,one must be AUDIT type,another one must be LOGGING type. Each landing zone needs two core accounts (an audit account and a log archive account).
Compliance audit: Comprehensive logs are collected and retained for a specified period, ensuring effective auditing. Data perimeter: Permission boundaries are established to prevent unexpected access.
In your landing zone, you will have one management account and two core accounts (an audit account and a log archive account). Also you are provided with organization-wide single sign-on access as well as centralized logging and auditing capabilities.
This policy is non-compliant if audit logging is not enabled or audit logs cannot be stored for a specified period of time.
Updating the alert email Enter an email address for the audit account. It is used to receive alerts preset by RGC. This email address cannot be currently used for any Huawei Cloud accounts. It can have a maximum of 64 characters.
In this environment, there are one management account and two member accounts (an audit account and a log archive account). This environment is preconfigured with organization-wide SSO access as well as centralized logging and auditing capabilities.
Core OU (Security OU) This OU contains the log archive account and audit account, which are also called core accounts. The log archive account is used to store logs of operations and resource configurations of all accounts.