Help Center/ Config/ User Guide/ Conformance Packages/ Conformance Package Templates/ Conformance Package for Identity and Access Management
Updated on 2024-10-28 GMT+08:00

Conformance Package for Identity and Access Management

The following table lists the rules and solutions included in this conformance package template.

Table 1 Conformance package description

Rule

Cloud Service

Description

access-keys-rotated

iam

If an IAM user's access key is not rotated within the specified number of days, this user is noncompliant.

iam-group-has-users-check

iam

If an IAM user group has no user, this user group is noncompliant.

iam-password-policy

iam

If the password of an IAM user does not meet the password strength requirements, this IAM user is noncompliant.

iam-root-access-key-check

iam

If the root user access key is available, this rule is noncompliant.

iam-user-console-and-api-access-at-creation

iam

If an IAM user who is allowed to access Huawei Cloud console has AK/SK created, this user is noncompliant.

iam-user-group-membership-check

iam

If an IAM user is not in any of the specified IAM user groups, this user is noncompliant.

iam-user-last-login-check

iam

If an IAM user does not log in to the system within the specified time range, the result is non-compliant.

iam-user-mfa-enabled

iam

If multi-factor authentication is not enabled for an IAM user, this user is noncompliant.

iam-user-single-access-key

iam

If multiple access keys are in the active state for an IAM user, this user is noncompliant.

mfa-enabled-for-iam-console-access

iam

If MFA is not enabled for an IAM user who has a console password, this IAM user is noncompliant.

root-account-mfa-enabled

iam

If multi-factor authentication is not enabled for the root user, the root user is noncompliant.