Best Practices for Data Transmission Encryption
The following table lists the rules and solutions included in this conformance package template.
|
Rule |
Cloud Service |
Description |
|---|---|---|
|
apig-instances-ssl-enabled |
apig |
If no SSL certificates are attached to a dedicated APIG gateway, this gateway is considered noncompliant. |
|
cdn-enable-https-certificate |
cdn |
If a domain does not have an HTTPS certificate configured, this domain is noncompliant. |
|
cdn-origin-protocol-no-http |
cdn |
If a domain does not have HTTPS configured for communication between CDN and origins, this domain is noncompliant. |
|
css-cluster-https-required |
css |
If a CSS cluster does not have HTTPS enabled, this cluster is noncompliant. |
|
css-cluster-security-mode-enable |
css |
If a CSS cluster does not support the security mode, this cluster is noncompliant. |
|
dcs-memcached-enable-ssl |
dcs |
If a DCS Memcached instance can be accessed through public networks but does not support SSL, this instance is noncompliant. |
|
dcs-redis-enable-ssl |
dcs |
If a DCS Redis instance can be accessed over public networks but does not support SSL, this instance is noncompliant. |
|
dds-instance-enable-ssl |
dds |
If SSL is not enabled for a DDS instance, this instance is noncompliant. |
|
dms-kafka-not-enable-private-ssl |
dms |
If a DMS Kafka instance does not enable SSL for private access, this instance is noncompliant. |
|
dms-kafka-not-enable-public-ssl |
dms |
If a DMS Kafka instance does not enable SSL for public access, this instance is noncompliant. |
|
dms-rabbitmq-not-enable-ssl |
dms |
If a DMS RabbitMQ instance does not have SSL enabled, this instance is noncompliant. |
|
dms-rocketmq-not-enable-ssl |
dms |
If a DMS RocketMQ instance does not have SSL enabled, this instance is noncompliant. |
|
dws-enable-ssl |
dws |
If SSL is not enabled for a DWS cluster, this cluster is noncompliant. |
|
elb-http-to-https-redirection-check |
elb |
If an HTTP listener does not have redirecting requests to an HTTPS listener enabled, this HTTP listener is noncompliant. |
|
elb-tls-https-listeners-only |
elb |
If any listener of a load balancer does not have the frontend protocol set to HTTPS, this load balancer is noncompliant. |
|
gaussdb-instance-ssl-enable |
gaussdb |
If a GaussDB instance does not have SSL enabled, this instance is noncompliant. |
|
gaussdb-mysql-instance-ssl-enable |
gaussdbformysql |
If a GaussDB(for MySQL) instance does not have SSL enabled, this instance is noncompliant. |
|
obs-bucket-ssl-requests-only |
obs |
If an OBS bucket allows HTTP requests, this bucket is noncompliant. |
|
rds-instance-ssl-enable |
rds |
If SSL is not enabled for an RDS instance, this instance is noncompliant. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
