Alarms Have Been Created for OBS Bucket Policy Changes
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
alarm-obs-bucket-policy-change |
|
Identifier |
Alarms Have Been Created for OBS Bucket Policy Changes |
|
Description |
If there are no alarm rules configured for bucket policy changes, the check result is non-compliant. |
|
Tag |
ces, obs |
|
Trigger Type |
Periodic |
|
Filter Type |
Account |
|
Rule Parameters |
None |
Application Scenarios
You can set alarm rules for key metrics of cloud services. When the conditions in the alarm rule are met, Cloud Eye sends email, or text message, or sends HTTP/HTTPS messages, enabling you to quickly respond to resource changes. For details, see Alarm Overview.
For details about the events supported by Cloud Eye, seeEvents Supported by Event Monitoring. You need to pay special attention to the "setBucketPolicy" and "deleteBucketPolicy" events for OBS. If bucket policies are changed by mistake, services may be interrupted due to data unavailability, or data leakage may occur due to excessive permissions.
Solution
Create related alarm rules.
Rule Logic
- If there are no alarm rules configured for modifying or deleting OBS bucket policies, this rule is non-compliant.
- If there are alarm rules configured for modifying or deleting OBS bucket policies, this rule is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
