检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Solution When creating a GES graph, use KMS to encrypt the graph instance. For details, see Creating a Graph Without Using a Template. Rule Logic If a GES graph is not encrypted using KMS, this graph is noncompliant.
CTS Trackers Have Traces Encrypted Rule Details Table 1 Rule details Parameter Description Rule Name cts-kms-encrypted-check Identifier cts-kms-encrypted-check Description If a CTS tracker does not have trace encryption enabled, this tracker is noncompliant. Tag cts Trigger Type Configuration
EVS Disks Are Encrypted Rule Details Table 1 Rule details Parameter Description Rule Name volumes-encrypted-check Identifier volumes-encrypted-check Description If a mounted EVS disk is not encrypted, this disk is noncompliant. Tag evs, ecs Trigger Type Configuration change Filter
Cryptographic techniques should be used to ensure the integrity of important data storage, including but not limited to authentication data, service data, audit data, configuration data, video data, and personal information. volumes-encrypted-check Encrypt mounted cloud disks to protect
This compromises data security, and public access cannot be enabled. 2.3 Encrypt all non-console administrative access using strong cryptography. dws-enable-ssl Enable SSL for DWS clusters to protect data. 2.3 Encrypt all non-console administrative access using strong cryptography
Encrypt the AK/SK and store them into the configuration file or environment variables. // In this example, the AK and SK are stored in environment variables. Before running this example, set environment variables HUAWEICLOUD_SDK_AK and HUAWEICLOUD_SDK_SK.
Encrypt the AK/SK and store them into the configuration file or environment variables. // In this example, the AK and SK are stored in environment variables. Before running this example, set environment variables HUAWEICLOUD_SDK_AK and HUAWEICLOUD_SDK_SK.
Rule Logic If Verify Trace File, Encrypt Trace File, and Transfer to LTS are all enabled for a CTS tracker, this tracker is considered to comply with security best practices.
