Conformance Package for Architecture Reliability
The following table describes the compliance rules and solutions in the sample template.
Rule Identifier |
Cloud Service |
Description |
---|---|---|
apig-instances-execution-logging-enabled |
apig |
If logging is not enabled for a dedicated API gateway, this gateway is considered non-compliant. |
as-group-elb-healthcheck-required |
as |
If an AS group is not using Elastic Load Balancing health check, the result is noncompliant. |
cts-lts-enable |
cts |
If Transfer to LTS is not enabled for a CTS tracker, this tracker is noncompliant. |
cts-obs-bucket-track |
cts |
If there are no trackers created for the specified OBS bucket, the result is noncompliant. |
cts-tracker-exists |
cts |
If there is no tracker in the current account, the result is noncompliant. |
dws-enable-kms |
dws |
If KMS encryption is not enabled for a DWS cluster, this cluster is noncompliant. |
ecs-instance-in-vpc |
ecs, vpc |
If there is an ECS that is not within the specified VPC, the result is noncompliant. |
function-graph-concurrency-check |
fgs |
If the number of concurrent requests of a function is not within the specified range, this function is noncompliant. |
gaussdb-nosql-enable-disk-encryption |
gaussdb nosql |
If Disk Encryption is disabled for a GaussDB NoSQL instance, this instance is noncompliant. |
kms-not-scheduled-for-deletion |
kms |
If a KMS key is scheduled for deletion, this key is noncompliant. |
multi-region-cts-tracker-exists |
cts |
If there are no trackers in any of the specified regions, the result is noncompliant. |
rds-instance-enable-backup |
rds |
If backup is not enabled for an RDS instance, this instance is noncompliant. |
rds-instance-multi-az-support |
rds |
If an RDS cluster is deployed in a single availability zone, this cluster is noncompliant. |
rds-instances-enable-kms |
rds |
If KMS encryption is not enabled for an RDS instance, this instance is noncompliant. |
sfsturbo-encrypted-check |
sfsturbo |
If KMS encryption is not enabled for an SFS Turbo file system, this file system is noncompliant. |
volumes-encrypted-check |
ecs, evs |
If a mounted EVS disk is not encrypted, this disk is noncompliant. |
vpc-flow-logs-enabled |
vpc |
If there is a flow log that has not been enabled for a VPC, this VPC is noncompliant. |
vpn-connections-active |
vpnaas |
Ensure normal VPC connections. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot