检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Table 1 Conformance package description Rule Cloud Service Description gaussdb-instance-enable-auditLog gaussdb If a GaussDB instance does not have audit log collection enabled, this instance is noncompliant. gaussdb-instance-enable-backup gaussdb If a GaussDB instance does not have
You will have the following benefits using APIG: Abnormal access detection: Audit logs allow you to identify abnormal access events, such as frequent failed requests and requests from abnormal IP addresses, and detect potential attacks.
You need to configure the SMN topic and OBS bucket properly to meet audit and data security requirements. Solution Modify the SMN topic or OBS bucket configurations of your resource recorder as required. For details, see Modifying the Resource Recorder.
You need to configure the SMN topic and OBS bucket properly to meet audit and data security requirements. Solution Modify the SMN topic or OBS bucket configurations of your resource recorder as required. For details, see Modifying the Resource Recorder.
Audit records shall be protected and regular backup should be performed to avoid unexpected deletion, modification, or overwriting. cts-tracker-exists Ensure that a CTS tracker has been created for your account to record operations on the Huawei Cloud console. 8.1.4.1 d.
Log Enabled Configuration change rds.instances GaussDB GaussDB Instances Are in the Specified VPC Configuration change gaussdb.instance Audit Log Collection Is Enabled Configuration change gaussdb.instance Automated Backup Is Enabled Configuration change gaussdb.instance Error Log
Scenario: If you tag resources by environment, you can use these tags to audit resources in different environments. Assume that you have added the tag key: Env:Prod to all resources in the production environment and Env:Test to all resources in the test environment.
CTS helps you record operations on Config for later query, audit, and backtrack. Recording Config Operations in CTS FunctionGraph You can use FunctionGraph to create a custom policy to evaluate resource compliance. To create a custom rule, you need to use FunctionGraph.
CTS Supported CTS operations CTS records operations on Config for later query, audit, and backtrack. Viewing tracing logs You can view or export Config operation records of the last seven days on CTS console.
You can use the following examples to learn how to query a specific trace: Use CTS to audit Elastic Volume Service (EVS) creation and deletion operations from the last two weeks. For details, see Security Auditing.
