All Documentation
Config
Config
All results for "
" in this service
All results for "
" in this service
What's New
Service Overview
Config Infographics
What Is Config?
Function Overview
Billing
Permissions
Basic Concepts
Relationships with Other Services
Constraints and Limitations
Getting Started
User Guide
Resource List
Viewing Resources
Querying All Resources
Querying Details About a Resource
Filtering Resources
Exporting Resource Information
Viewing Resource Compliance Data
Viewing Resource Relationships
Viewing Resource Changes
Resource Recorder
Overview
Configuring the Resource Recorder
Notifications
Storing Resources
Storing Resource Change Messages
Resource Compliance
Rule
Adding Predefined Rules
Adding a Custom Rule
Viewing Rules
Triggering Resource Compliance Evaluation
Managing a Rule
Example Custom Rules
Example Functions (Python)
Events
Organization Rules
Adding a Predefined Organization Rule
Querying an Organization Rule
Modifying an Organization Rule
Deleting an Organization Rule
Example Custom Organization Rules
Example Functions (Python)
Events
Viewing Noncompliant Resources
Compliance Rule Concepts
Policies
Rule
Evaluation Results
Predefined Policies
Predefined Policy List
General Service Policies
regular-matching-of-names
required-tag-check
resource-in-enterprise-project
resources-in-supported-region
API Gateway (APIG)
apig-instances-authorization-type-configured
apig-instances-execution-logging-enabled
apig-instances-ssl-enabled
CodeArts Deploy
codeartsdeploy-host-cluster-resource-status
MapReduce Service (MRS)
mrs-cluster-in-allowed-security-groups
mrs-cluster-in-vpc
mrs-cluster-kerberos-enabled
mrs-cluster-multiAZ-deployment
mrs-cluster-no-public-ip
NAT Gateway
private-nat-gateway-authorized-vpc-only
VPC Endpoint (VPCEP)
vpcep-endpoint-enabled
Web Application Firewall (WAF)
waf-instance-policy-not-empty
Elastic Load Balance (ELB)
elb-loadbalancers-no-public-ip
elb-predefined-security-policy-https-check
elb-tls-https-listeners-only
elb-members-weight-check
Elastic IP (EIP)
eip-bandwidth-limit
eip-unbound-check
eip-use-in-specified-days
Auto Scaling (AS)
as-capacity-rebalancing
as-group-elb-healthcheck-required
as-multiple-az
Scalable File Service (SFS)
sfsturbo-encrypted-check
Elastic Cloud Server (ECS)
allowed-ecs-flavors
allowed-images-by-id
approved-ims-by-tag
ecs-in-allowed-security-groups
ecs-instance-in-vpc
ecs-instance-key-pair-login
ecs-instance-no-public-ip
ecs-multiple-public-ip-check
stopped-ecs-date-diff
Distributed Cache Service (DCS)
dcs-memcached-enable-ssl
dcs-memcached-in-vpc
dcs-memcached-no-public-ip
dcs-memcached-password-access
dcs-redis-enable-ssl
dcs-redis-high-tolerance
dcs-redis-in-vpc
dcs-redis-no-public-ip
dcs-redis-password-access
FunctionGraph
function-graph-concurrency-check
function-graph-inside-vpc
function-graph-public-access-prohibited
function-graph-settings-check
Content Delivery Network (CDN)
cdn-enable-https-certificate
cdn-origin-protocol-no-http
cdn-security-policy-check
cdn-use-my-certificate
Config
tracker-config-enabled-check
Data Warehouse Service (DWS)
dws-enable-kms
dws-enable-log-dump
dws-enable-snapshot
dws-enable-ssl
Data Replication Service (DRS)
drs-data-guard-job-not-public
drs-migration-job-not-public
drs-synchronization-job-not-public
Data Encryption Workshop (DEW)
kms-not-scheduled-for-deletion
kms-rotation-enabled
Identity and Access Management (IAM)
access-keys-rotated
iam-customer-policy-blocked-kms-actions
iam-group-has-users-check
iam-password-policy
iam-policy-blacklisted-check
iam-policy-no-statements-with-admin-access
iam-role-has-all-permissions
iam-root-access-key-check
iam-user-access-mode
iam-user-console-and-api-access-at-creation
iam-user-group-membership-check
iam-user-last-login-check
iam-user-mfa-enabled
iam-user-single-access-key
mfa-enabled-for-iam-console-access
root-account-mfa-enabled
Document Database Service (DDS)
dds-instance-enable-ssl
dds-instance-hamode
dds-instance-has-eip
dds-instance-in-vpc
Simple Message Notification (SMN)
smn-lts-enable
Virtual Private Cloud (VPC)
vpc-acl-unused-check
vpc-default-sg-closed
vpc-flow-logs-enabled
vpc-sg-ports-check
vpc-sg-restricted-common-ports
vpc-sg-restricted-ssh
Virtual Private Network (VPN)
vpn-connections-active
Cloud Eye
alarm-action-enabled-check
alarm-kms-disable-or-delete-key
alarm-obs-bucket-policy-change
alarm-resource-check
alarm-settings-check
alarm-vpc-change
Cloud Container Engine (CCE)
cce-cluster-end-of-maintenance-version
cce-cluster-oldest-supported-version
cce-endpoint-public-access
Cloud Trace Service (CTS)
cts-kms-encrypted-check
cts-lts-enable
cts-obs-bucket-track
cts-support-validate-check
cts-tracker-exists
multi-region-cts-tracker-exists
Relational Database Service (RDS)
gaussdb-instance-in-vpc
gaussdb-nosql-deploy-in-single-az
gaussdb-nosql-enable-backup
gaussdb-nosql-enable-disk-encryption
gaussdb-nosql-enable-error-log
gaussdb-nosql-support-slow-log
rds-instance-enable-backup
rds-instance-enable-errorLog
rds-instance-enable-slowLog
rds-instance-multi-az-support
rds-instance-no-public-ip
rds-instances-enable-kms
rds-instances-in-vpc
rds-instance-logging-enabled
Cloud Search Service (CSS)
css-cluster-authority-enable
css-cluster-backup-available
css-cluster-disk-encryption-check
css-cluster-https-required
css-cluster-in-vpc
css-cluster-multiple-az-check
css-cluster-multiple-instances-check
css-cluster-no-public-zone
css-cluster-security-mode-enable
css-cluster-not-enable-white-list
css-cluster-kibana-not-enable-white-list
Elastic Volume Service (EVS)
allowed-volume-specs
evs-use-in-specified-days
volume-unused-check
volumes-encrypted-check
Cloud Certificate Manager (CCM)
pca-certificate-authority-expiration-check
pca-certificate-expiration-check
Distributed Message Service (for Kafka)
dms-kafka-not-enable-private-ssl
dms-kafka-not-enable-public-ssl
dms-kafka-public-access-enabled-check
Distributed Message Service ( for RabbitMQ)
dms-rabbitmq-not-enable-ssl
Distributed Message Service (for RocketMQ)
dms-rocketmq-not-enable-ssl
Event Monitoring
Conformance Packages
Overview
Managing Conformance Packages
Creating a Conformance Package
Viewing Conformance Packages and Compliance Data
Deleting a Conformance Package
Organization Conformance Packages
Creating an Organization Conformance Package
Viewing Organization Conformance Packages
Deleting Organization Conformance Packages
Custom Conformance Packages
Conformance Package Templates
Overview
Compliance Package for Classified Protection of Cybersecurity Level 3 (2.0)
Conformance Package for Financial Industry
Conformance Package for Network Security
Conformance Package for Identity and Access Management
Conformance Package for CES
Conformance Package for Compute Services
Conformance Package for ECS
Conformance Package for ELB
Conformance Package for Management and Regulatory Services
Conformance Package for RDS
Conformance Package for AS
Conformance Package for CTS
Conformance Package for AI and Machine Learning
Conformance Package for Autopilot
Conformance Package for for Enabling Public Access
Conformance Package for Logging and Monitoring
Conformance Package for Idle Asset Management
Conformance Package for Architecture Reliability
Conformance Package for China Hong Kong (China) Monetary Authority Requirements
Conformance Package for ENISA Requirements
Compliance Package for SWIFT CSP
Compliance Package for Germany Cloud Computing Compliance Criteria Catalogue
Compliance Package for PCI DSS
Conformance Package for Healthcare Industry
Advanced Queries
Overview
Restrictions
Creating a Query
Viewing a Query
Modifying a Query
Deleting a Query
Resource Aggregation
Overview
Restrictions
Creating a Resource Aggregator
Viewing Resource Aggregators
Editing an Aggregator
Deleting a Resource Aggregator
Viewing Aggregated Rules
Viewing Aggregated Resources
Authorizing an Aggregator Account
Advanced Queries
Cloud Trace Service
Supported CTS Operations
Querying Real-Time Traces
Appendix
Supported Services and Regions
Relationships with Supported Resources
Message Notification Models
Resource Storage Models
Models of Resource Change Notification Storage
DSL Syntax
Logical Operators
Conditions
Expressions
ResourceQL Syntax
Overview
Syntax
Functions
Change History
API Reference
Before You Start
Introduction
API Calling
Endpoints
Concepts
Querying Data by Page
API Overview
Calling APIs
Making an API Request
Authentication
Response
APIs
Resource Query
Querying Resources of a Specific Type
Listing Cloud Services
Querying a Resource
Listing Resources Recorded by the Resource Recorder
Querying how many resources are recorded by the resource recorder
Querying resource tags recorded by the resource recorder
Querying resource overview recorded by the resource recorder
Querying a specific resource recorded by the resource recorder
Querying All Resources Under Your Account
Querying a Resource Under Your Account
Querying Resource Tags
Querying the Number of Resources
Querying a Resource Summary
Resource Recorder
Querying the Resource Recorder
Deleting the Resource Recorder
Creating or Modifying the Resource Recorder
Resource Relationships
Querying Resource Relationships
Querying Details About Resource Relationships
Resource Change Records
Querying Change Records of a Resource
Compliance
Querying All Built-in Policies
Querying a Built-in Policy
Adding a Rule
Querying All Rules
Modifying a Rule
Querying a Rule
Deleting a Rule
Enabling a Rule
Disabling a Rule
Running a Resource Compliance Evaluation
Querying the Evaluation Status of a Rule
Querying the Compliance Results of a Resource
Querying All Compliance Results of Resources Evaluated by a Rule
Querying All Compliance Results of Resources Under a User
Updating the Compliance Result
Creating an Organization Rule
Querying Organization Rules
Querying a Specific Organization Rule
Deleting an Organization Rule
Updating an Organization Rule
Querying Statuses of Organization Rules
Querying Details About the Rule Statuses of Each Member Account in an Organization
Region Management
Querying Regions Visible to You
Advanced Queries
Running Advanced Queries
Creating an Advanced Query
Listing Advanced Queries
Querying an Advanced Query
Updating an Advanced Query
Deleting an Advanced Query
Querying Schemas
Resource Aggregators
Creating a Resource Aggregator
Querying Resource Aggregators
Querying a Specific Resource Aggregator
Querying the Status of a Specific Resource Aggregator Account
Updating a Resource Aggregator
Deleting a Resource Aggregator
Authorizing a Resource Aggregator Account
Querying Authorized Resource Aggregators Accounts
Deleting Authorization for a Resource Aggregator Account
Querying All Pending Aggregation Requests
Deleting Pending Authorization Requests
Querying the Number of Resources of a Resource Aggregator Account
Querying Resources of a Resource Aggregator Account
Querying Details About a Specific Resource in a Source Account
Performing an Advanced Query on a Specific Aggregator
Querying the Compliance Summary of One or More Source Accounts in an Aggregator
Querying Aggregated Rules
Querying Compliance Results of Aggregated Resources
Querying Details About a Specified Aggregated Rule
Conformance Packages
Querying Conformance Packages
Creating a Conformance Package
Querying a Conformance Package
Deleting a Conformance Package
Updating a Conformance Package
Querying the Compliance Results of Conformance Packages
Querying the Compliance Results of Rules in a Conformance Package
Querying the Details about Compliance Results of Resources Evaluated by Rules in a Conformance Package
Querying Scores of Conformance Packages
Querying Built-in Conformance Package Templates
Querying a Built-in Conformance Package Template
Create a conformance package.
List organization conformance packages.
View organization conformance packages.
Delete organization conformance packages.
Update organization conformance packages.
View deployment status of organization conformance packages.
View deployment status of an organization conformance package.
Permissions Policies and Supported Actions
Permissions Policies and Supported Actions
Resource List
Resource Recorder
Resource Compliance
Advanced Queries
Resource Aggregation
Conformance Packages
Appendixes
Error Codes
Supported Services and Resource Types
Obtaining an Account ID
Status Codes
Obtaining a Project ID
Change History
SDK Reference
SDK Overview
FAQs
Resource List FAQs
Resource Compliance
Resource Recorder
General Reference
Glossary
Service Level Agreement
White Papers
Endpoints
Permissions