Conformance Package for Identity and Access Management
The following table lists the rules and solutions included in this conformance package template.
Rule |
Cloud Service |
Description |
---|---|---|
access-keys-rotated |
iam |
If an IAM user's access key is not rotated within the specified number of days, this user is noncompliant. |
iam-group-has-users-check |
iam |
If an IAM user group has no user, this user group is noncompliant. |
iam-password-policy |
iam |
If the password of an IAM user does not meet the password strength requirements, this IAM user is noncompliant. |
iam-root-access-key-check |
iam |
If the root user access key is available, this rule is noncompliant. |
iam-user-console-and-api-access-at-creation |
iam |
If an IAM user who is allowed to access Huawei Cloud console has AK/SK created, this user is noncompliant. |
iam-user-group-membership-check |
iam |
If an IAM user is not in any of the specified IAM user groups, this user is noncompliant. |
iam-user-last-login-check |
iam |
If an IAM user does not log in to the system within the specified time range, the result is non-compliant. |
iam-user-mfa-enabled |
iam |
If multi-factor authentication is not enabled for an IAM user, this user is noncompliant. |
iam-user-single-access-key |
iam |
If multiple access keys are in the active state for an IAM user, this user is noncompliant. |
mfa-enabled-for-iam-console-access |
iam |
If MFA is not enabled for an IAM user who has a console password, this IAM user is noncompliant. |
root-account-mfa-enabled |
iam |
If multi-factor authentication is not enabled for the root user, the root user is noncompliant. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot