Using Config to Audit DEW
You can use Config to quickly create a group of DEW compliance rules to evaluate whether your resources meet compliance requirements. After compliance rules are created, multiple mechanisms can be used to trigger rule evaluation. You can check the evaluation results to learn about the compliance status of resources. For details, see Resource Compliance.
Preset DEW Policies Supported by Config
|
Policy |
Triggered By |
Object |
|---|---|---|
|
Configuration changes |
kms.keys |
|
|
Configuration changes |
kms.keys |
|
|
Configuration changes |
csms.secrets |
|
|
Configuration changes |
csms.secrets |
|
|
Configuration changes |
csms.secrets |
|
|
Triggered periodically |
csms.secrets |
Configuring DEW Audit Using Config
- Log in to the DEW console.
- Click
in the upper left corner and choose . - In the navigation pane on the left, choose Resource Conformance.
- In the displayed Rules tab, click Add Rule. Set the basic information on the displayed Basic Configurations page.
- Policy Type: Select Built-in policy.
- Built-in Policy: Click the text box, choose Tag > kms or csms, and select the policy to be audited.
Figure 1 Adding an audit rule
- Click Next. On the displayed page, set Trigger Type and Execute Every.
- Click Next, confirm the information, and click Submit.
- You can view the added compliance rule in the rule list. Click the rule name to access its details page, on which you can view the compliance evaluation result.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
