Documentação AWS Config Guia do desenvolvedor

As traduções são geradas por tradução automática. Em caso de conflito entre o conteúdo da tradução e da versão original em inglês, a versão em inglês prevalecerá.

Lista de AWS Config Regras gerenciadas por modo de avaliação

AWS Config atualmente oferece suporte às seguintes regras gerenciadas. Antes de usar essas regras, consulte Considerações.

Avaliação proativa

Regras proativas são regras que oferecem suporte ao modo de avaliação proativa para recursos que não foram implantados. Isso permite avaliar se um conjunto de propriedades de recursos, se usado para definir um AWS recurso, seria COMPATÍVEL ou NÃO COMPATÍVEL, considerando o conjunto de regras proativas que você tem em sua conta na sua região. Para obter mais informações, consulte Modos de avaliação.

nota

As regras proativas não corrigem os recursos marcados como NON_COMPLIANT nem impedem que eles sejam implantados.

eip-attached
subnet-auto-assign-public-ip-disabled

Avaliação de detecção

Regras de detecção são regras que são compatíveis com o modo de avaliação de detecção para o recurso que já foi implantado. Isso permite avaliar as definições de configuração de seus recursos existentes.

nota

Atualmente, todas as AWS Config regras apoiam a avaliação de detetives.

access-keys-rotated
account-part-of-organizations
acmpca-certificate-authority-tagged
acm-certificate-expiration-check
acm-certificate-rsa-check
habilitado para registro transparente de certificados acm
acm-pca-root-ca-disabled
active-mq-supported-version
alb-desync-mode-check
alb-http-drop-invalid-header-enabled
alb-http-to-https-redirection-check
alb-internal-scheme-check
alb-listener-tagged
alb-tagged
alb-waf-enabled
amplify-app-branch-auto-deletion-enabled
amplify-app-build-spec-configurado
amplify-app-description
amplify-app-no-environment-variables
verificação da plataforma do aplicativo amplify
amplify-app-tagged
amplify-branch-autobuild-habilitado
amplify-branch-build-spec-configurado
amplify-branch-description
amplify-branch-framework-configurado
amplify-branch-performance-mode-enabled
amplify-branch-pull-request-preview-habilitado
amplify-branch-tagged
apigatewayv2-integration-private-https habilitado
apigatewayv2-stage-description
apigateway-domain-name-tls-check
apigateway-stage-access-logs-enabled
apigateway-stage-description
api-gwv2-access-logs-enabled
api-gwv2-authorization-type-configured
api-gwv2-stage-default-route-detailed-metrics-enabled
api-gw-associated-with-waf
api-gw-cache-enabled-and-encrypted
api-gw-endpoint-type-check
api-gw-execution-logging-enabled
api-gw-rest-api-tagged
api-gw-ssl-enabled
api-gw-stage-tagged
api-gw-xray-enabled
appconfig-application-description
appconfig-application-tagged
appconfig-configuration-profile-tagged
appconfig-configuration-profile-validators-not-empty
appconfig-deployment-strategy-description
appconfig-deployment-strategy-minimum-final-bake-time
appconfig-deployment-strategy-replicate-to-ssm
appconfig-deployment-strategy-tagged
appconfig-environment-description
appconfig-environment-tagged
appconfig-extension-association-tagged
appconfig-freeform-profile-config-storage
appconfig-hosted-configuration-version-description
appflow-flow-tagged
appflow-flow-trigger-type-check
verificação de origens aprovadas pelo aplicativo de integrações de aplicativos
integrações de aplicativos com tag de aplicativo
appintegrations-event-integration-description
appintegrations-event-integration-tagged
appmesh-gateway-route-tagged
appmesh-mesh-deny-tcp-forwarding
appmesh-mesh-ip-pref-check
appmesh-mesh-tagged
appmesh-route-tagged
appmesh-virtual-gateway-backend-defaults-tls
appmesh-virtual-gateway-listeners-health-check-enabled
appmesh-virtual-gateway-logging-file-path-exists
appmesh-virtual-gateway-tagged
appmesh-virtual-node-backend-defaults-tls-on
appmesh-virtual-node-cloud-map-ip-pref-check
appmesh-virtual-node-dns-ip-pref-check
appmesh-virtual-node-listeners-health-check-enabled
appmesh-virtual-node-listeners-outlier-detect-enabled
appmesh-virtual-node-logging-file-path-exists
appmesh-virtual-node-service-backends-tls-enforced
appmesh-virtual-node-tagged
appmesh-virtual-router-tagged
appmesh-virtual-service-tagged
approved-amis-by-id
approved-amis-by-tag
apprunner-service-in-vpc
apprunner-service-ip-address-type-check
apprunner-service-max-unhealthy-threshold
apprunner-service-no-public-access
apprunner-service-observability-enabled
apprunner-service-tagged
apprunner-vpc-connector-tagged
appstream-fleet-in-vpc
appsync-associated-with-waf
appsync-authorization-check
appsync-cache-ct-encryption-at-rest
appsync-cache-ct-encryption-in-transit
appsync-cache-encryption-at-rest
appsync-graphql-api-xray-enabled
appsync-logging-enabled
aps-rule-groups-namespace-tagged
athena-data-catalog-description
athena-prepared-statement-description
athena-workgroup-description
athena-workgroup-encrypted-at-rest
athena-workgroup-enforce-workgroup-configuration
athena-workgroup-engine-version-auto-upgrade
athena-workgroup-logging-enabled
auditmanager-assessment-tagged
aurora - criptografia global de banco de dados em repouso
aurora-last-backup-recovery-point-created
aurora-meets-restore-time-target
aurora-mysql-backtracking-enabled
aurora-mysql-cluster-audit-logging
aurora-resources-in-logically-air-gapped-vault
aurora-resources-protected-by-backup-plan
autoscaling-capacity-rebalancing
autoscaling-group-elb-healthcheck-required
autoscaling-launchconfig-requires-imdsv2
autoscaling-launch-config-hop-limit
autoscaling-launch-config-public-ip-disabled
autoscaling-launch-template
autoscaling-multiple-az
autoscaling-multiple-instance-types
backup-plan-min-frequency-and-min-retention-check
backup-recovery-point-encrypted
backup-recovery-point-manual-deletion-disabled
backup-recovery-point-minimum-retention-check
batch-compute-environment-enabled
batch-compute-environment-managed
batch-compute-environment-tagged
batch-job-queue-enabled
batch-job-queue-tagged
batch-managed-compute-environment-using-launch-template
batch-managed-compute-env-allocation-strategy-check
batch-managed-compute-env-compute-resources-tagged
batch-managed-spot-compute-environment-max-bid
batch-scheduling-policy-tagged
beanstalk-enhanced-health-reporting-enabled
bedrockagentcore-gateway-authorizer-habilitado
bedrockagentcore runtime-é necessário ter uma rede privada
bedrock-agentcore com criptografia de memória habilitada
cassandra-keyspace-tagged
clb-desync-mode-check
clb-multiple-az
cloudformation-stack-drift-detection-check
cloudformation-stack-notification-check
verificação da função do serviço cloudformation-stack-service
verificação de proteção contra encerramento de formação de nuvem
cloudfront-accesslogs-enabled
cloudfront-associated-with-waf
cloudfront-custom-ssl-certificate
cloudfront-default-root-object-configured
habilitado para grupos de chaves de distribuição do cloudfront
cloudfront-no-deprecated-ssl-protocols
cloudfront-origin-access-identity-enabled
cloudfront-origin-failover-enabled
cloudfront-origin-lambda-url-oac-enabled
cloudfront-s3-origin-access-control-enabled
cloudfront-s3-origin-non-existent-bucket
cloudfront-security-policy-check
cloudfront-sni-enabled
cloudfront-ssl-policy-check
cloudfront-traffic-to-origin-encrypted
cloudfront-viewer-policy-https
cloudtrail-all-read-s3-data-event-check
cloudtrail-all-write-s3-data-event-check
cloudtrail-event-data-store-multi-região
cloudtrail-s3-bucket-access-logging
cloudtrail-s3-bucket-public-access-prohibited
cloudtrail-s3-dataevents-enabled
cloudtrail-security-trail-enabled
cloudwatch-alarm-action-check
cloudwatch-alarm-action-enabled-check
descrição do alarme do cloudwatch
cloudwatch-alarm-resource-check
cloudwatch-alarm-settings-check
cloudwatch-log-group-encrypted
cloudwatch-metric-stream-tagged
cloud-trail-cloud-watch-logs-enabled
cloud-trail-enabled
cloud-trail-encryption-enabled
cloud-trail-log-file-validation-enabled
cmk-backing-key-rotation-enabled
codeartifact-repository-etiquetado
codebuild-project-artifact-encryption
codebuild-project-environment-privileged-check
codebuild-project-envvar-awscred-check
codebuild-project-logging-enabled
codebuild-project-s3-logs-encrypted
codebuild-project-source-repo-url-check
codebuild-project etiquetado
codebuild-report-group-encrypted-at-rest
codebuild-report-group-tagged
codedeploy-auto-rollback-monitor-enabled
codedeploy-deployment-group-auto-rollback-enabled
codedeploy-deployment-group-outdated-instances-update
codedeploy-ec2-minimum-healthy-hosts-configured
codedeploy-lambda-allatonce-traffic-shift-disabled
codeguruprofiler-profiling-group-tagged
codegurureviewer-repository-association-tagged
codepipeline-deployment-count-check
codepipeline-region-fanout-check
cognito-identity-pool-unauthenticated-logins
cognito-identity-pool-unauth-access-check
cognito-userpool-cust-auth-threat-full-check
cognito-user-pool-advanced-security-enabled
proteção de exclusão do cognito-user-pool ativada
habilitado para cognito-user-pool-mfa
cognito-user-pool-password-policy-check
cognito-user-pool-tagged
connect-instance-logging-enabled
customerprofiles-domain-tagged
customerprofiles-object-type-allow-profile-creation
customerprofiles-object-type-tagged
custom-eventbus-policy-attached
custom-schema-registry-policy-attached
cw-loggroup-retention-period-check
datasync-location-object-storage-using-https
datasync-task-data-verification-enabled
datasync-task-logging-enabled
datasync-task-tagged
dax-encryption-enabled
dax-tls-endpoint-encryption
db-instance-backup-enabled
desired-instance-tenancy
desired-instance-type
devicefarm-instance-profile-tagged
devicefarm-project-tagged
devicefarm-test-grid-project-tagged
dms-auto-minor-version-upgrade-check
dms-endpoint-ssl-configured
dms-endpoint-tagged
dms-mongo-db-authentication-enabled
dms-neptune-iam-authorization-enabled
dms-redis-tls-enabled
dms-replication-instance-multi-az-enabled
dms-replication-not-public
dms-replication-task-sourcedb-logging
dms-replication-task-tagged
dms-replication-task-targetdb-logging
docdb-cluster-audit-logging-enabled
docdb-cluster-backup-retention-check
docdb-cluster-deletion-protection-enabled
docdb-cluster-encrypted
docdb-cluster-encrypted-in-transit
docdb-cluster-snapshot-public-prohibited
dynamodb-autoscaling-enabled
dynamodb-in-backup-plan
dynamodb-last-backup-recovery-point-created
dynamodb-meets-restore-time-target
dynamodb-pitr-enabled
dynamodb-resources-protected-by-backup-plan
dynamodb-table-deletion-protection-enabled
dynamodb-table-encrypted-kms
dynamodb-table-encryption-enabled
dynamodb-throughput-limit-check
ebs-in-backup-plan
ebs-last-backup-recovery-point-created
ebs-meets-restore-time-target
ebs-optimized-instance
ebs-resources-in-logically-air-gapped-vault
ebs-resources-protected-by-backup-plan
ebs-snapshot-block-public-access
ebs-snapshot-public-restorable-check
ec2-capacity-reservation-tagged
ec2-carrier-gateway-tagged
ec2-client-vpn-connection-log-enabled
ec2-client-vpn-endpoint-tagged
ec2-client-vpn-not-authorize-all
ec2-dhcp-options-tagged
ec2-ebs-encryption-by-default
ec2-enis-source-destination-check-enabled
ec2-fleet-tagged
ec2-imdsv2-check
ec2-instance-detailed-monitoring-enabled
ec2-instance-launched-with-allowed-ami
ec2-instance-managed-by-ssm
ec2-instance-multiple-eni-check
ec2-instance-no-public-ip
ec2-instance-profile-attached
com etiqueta ec2-ipamscope
ec2-last-backup-recovery-point-created
ec2-launchtemplate-ebs-encrypted
ec2-launch-templates-ebs-volume-encrypted
ec2-launch-template-imdsv2-check
ec2-launch-template-public-ip-disabled
ec2-launch-template-tagged
ec2-managedinstance-applications-blacklisted
ec2-managedinstance-applications-required
ec2-managedinstance-association-compliance-status-check
ec2-managedinstance-inventory-blacklisted
ec2-managedinstance-patch-compliance-status-check
ec2-managedinstance-platform-check
ec2-meets-restore-time-target
ec2-network-insights-access-scope-analysis-tagged
ec2-network-insights-access-scope-tagged
ec2-network-insights-analysis-tagged
ec2-network-insights-path-tagged
ec2-no-amazon-key-pair
ec2-paravirtual-instance-check
ec2-prefix-list-tagged
ec2-resources-in-logically-air-gapped-vault
ec2-resources-protected-by-backup-plan
ec2-security-group-attached-to-eni
ec2-security-group-attached-to-eni-periodic
ec2-spot-fleet-request-ct-encryption-at-rest
ec2-stopped-instance
ec2-token-hop-limit-check
ec2-traffic-mirror-filter-description
ec2-traffic-mirror-filter-tagged
ec2-traffic-mirror-session-description
ec2-traffic-mirror-session-tagged
ec2-traffic-mirror-target-description
ec2-traffic-mirror-target-tagged
ec2-transit-gateway-auto-vpc-attach-disabled
ec2-transit-gateway-multicast-domain-tagged
ec2-volume-inuse-check
verificação de versão ike-connection-ec2-vpn-connection-ike-version-check
ec2-vpn-connection-logging-enabled
ec2-vpn-connection-tagged
ecr-private-image-scanning-enabled
ecr-private-lifecycle-policy-configured
ecr-private-tag-immutability-enabled
ecr-repository-cmk-encryption-enabled
ecr-repository-tagged
ecs-awsvpc-networking-enabled
ecs-capacity-provider-tagged
verificação de terminação do provedor de capacidade ecs
ecs-containers-nonprivileged
ecs-containers-readonly-access
ecs-container-insights-enabled
ecs-fargate-latest-platform-version
ecs-no-environment-secrets
habilitado para ecs-service-propagate-tags
ecs-task-definition-efs-encryption-enabled
ecs-task-definition-linux-user-non-root
ecs-task-definition-log-configuration
ecs-task-definition-memory-hard-limit
ecs-task-definition-network-mode-not-host
ecs-task-definition-nonroot-user
ecs-task-definition-pid-mode-check
ecs-task-definition-user-for-host-mode-check
ecs-task-definition-windows-user-non-admin
efs-access-point-enforce-root-directory
efs-access-point-enforce-user-identity
efs-automatic-backups-enabled
efs-encrypted-check
efs-filesystem-ct-encrypted
efs-file-system-tagged
efs-in-backup-plan
efs-last-backup-recovery-point-created
efs-meets-restore-time-target
efs-mount-target-public-accessible
efs-resources-in-logically-air-gapped-vault
efs-resources-protected-by-backup-plan
eip-attached
eks-addon-tagged
eks-cluster-logging-enabled
eks-cluster-log-enabled
eks-cluster-oldest-supported-version
eks-cluster-secrets-encrypted
eks-cluster-supported-version
eks-endpoint-no-public-access
eks-fargate-profile-tagged
verificação de versão suportada pelo eks-nodegroup
eks-secrets-encrypted
elasticache-automatic-backup-check-enabled
elasticache-auto-minor-version-upgrade-check
elasticache-rbac-auth-enabled
elasticache-redis-cluster-automatic-backup-check
elasticache-repl-grp-auto-failover-enabled
elasticache-repl-grp-encrypted-at-rest
elasticache-repl-grp-encrypted-in-transit
elasticache-repl-grp-redis-auth-enabled
elasticache-subnet-group-check
elasticache-supported-engine-version
elasticbeanstalk-application-description
elasticbeanstalk-application-version-description
elasticbeanstalk-environment-description
elasticsearch-encrypted-at-rest
elasticsearch-in-vpc-only
elasticsearch-logs-to-cloudwatch
elasticsearch-node-to-node-encryption-check
elastic-beanstalk-logs-to-cloudwatch
elastic-beanstalk-managed-updates-enabled
elbv2-acm-certificate-required
elbv2-listener-encryption-in-transit
elbv2-multiple-az
elbv2-predefined-security-policy-ssl-check
elbv2-targetgroup-healthcheck-protocol criptografado
criptografado com protocolo de grupo-alvo elbv2
elb-acm-certificate-required
elb-cross-zone-load-balancing-enabled
elb-custom-security-policy-ssl-check
elb-deletion-protection-enabled
elb-internal-scheme-check
elb-logging-enabled
elb-predefined-security-policy-ssl-check
elb-tagged
elb-tls-https-listeners-only
emr-block-public-access
emr-kerberos-enabled
emr-master-no-public-ip
emr-security-configuration-encryption-rest
emr-security-configuration-encryption-transit
encrypted-volumes
esquemas de eventos - descobridor - etiquetado
esquemas de eventos - com tag de registro
event-data-store-cmk-encryption-enabled
evidently-launch-description
evidently-launch-tagged
evidently-project-description
evidently-project-tagged
evidently-segment-description
evidently-segment-tagged
fis-experiment-template-log-configuration-exists
fis-experiment-template-tagged
fms-shield-resource-policy-check
fms-webacl-resource-policy-check
fms-webacl-rulegroup-association-check
frauddetector-entity-type-tagged
frauddetector-label-tagged
frauddetector-outcome-tagged
frauddetector-variable-tagged
fsx-last-backup-recovery-point-created
fsx-lustre-copy-tags-to-backups
fsx-meets-restore-time-target
fsx-ontap-deployment-type-check
fsx-openzfs-copy-tags-enabled
fsx-openzfs-deployment-type-check
fsx-resources-protected-by-backup-plan
fsx-windows-audit-log-configured
fsx-windows-deployment-type-check
glb-listener-tagged
glb-tagged
global-endpoint-event-replication-enabled
glue-job-logging-enabled
glue-ml-transform-encrypted-at-rest
glue-ml-transform-tagged
glue-spark-job-supported-version
etiquetado com a configuração da estação terrestre
groundstation-dataflow endpointgroup-etiquetado
groundstation - perfil de missão - etiquetado
guardduty-ec2-protection-runtime-enabled
guardduty-ecs-protection-runtime-enabled
guardduty-eks-protection-audit-enabled
guardduty-eks-protection-runtime-enabled
guardduty-enabled-centralized
guardduty-lambda-protection-enabled
guardduty-malware-protection-enabled
guardduty-non-archived-findings
guardduty-rds-protection-enabled
guardduty-runtime-monitoring-enabled
guardduty-s3-protection-enabled
etiqueta healthlake-fhir datastore
iam-customer-policy-blocked-kms-actions
iam-external-access-analyzer-enabled
iam-group-has-users-check
iam-inline-policy-blocked-kms-actions
iam-no-inline-policy-check
verificação da lista de identificação do cliente iam-oidc-provider-client-
iam-oidc-provider-tagged
iam-password-policy
iam-policy-blacklisted-check
descrição da política do iam
iam-policy-in-use
iam-policy-no-statements-with-admin-access
iam-policy-no-statements-with-full-access
iam-role-managed-policy-check
iam-root-access-key-check
iam-saml-provider-tagged
iam-server-certificate-expiration-check
iam-server-certificate-tagged
iam-user-group-membership-check
iam-user-mfa-enabled
iam-user-no-policies-check
iam-user-unused-credentials-check
construtor de imagens - configuração de distribuição - etiquetado
imagebuilder - imagepipeline - etiquetado
construtor de imagens - receita de imagem - ebs-volumes criptografados
construtor de imagens - receita de imagem - etiquetada
construtor de imagens - configuração de infraestrutura - etiquetado
incoming-ssh-disabled
inspector-ec2-scan-enabled
inspector-ecr-scan-enabled
inspector-lambda-code-scan-enabled
inspector-lambda-standard-scan-enabled
instances-in-vpc
internet-gateway-authorized-vpc-only
iotdevicedefender-custom-metric-tagged
iotevents-alarm-model-tagged
iotevents-detector-model-tagged
iotevents-input-tagged
iotsitewise-asset-model-tagged
iotsitewise-dashboard-tagged
iotsitewise-gateway-tagged
iotsitewise-portal-tagged
iotsitewise-project-tagged
iottwinmaker-component-type-tagged
iottwinmaker-entity-tagged
iottwinmaker-scene-tagged
iottwinmaker-sync-job-tagged
iottwinmaker-workspace-tagged
iotwireless-fuota-task-tagged
iotwireless-multicast-group-tagged
iotwireless-service-profile-tagged
iot-authorizer-token-signing-enabled
iot-job-template-tagged
iot-provisioning-template-description
iot-provisioning-template-jitp
iot-provisioning-template-tagged
iot-scheduled-audit-tagged
ivs-channel-playback-authorization-enabled
ivs-channel-tagged
ivs-playback-key-pair-tagged
ivs-recording-configuration-tagged
etiquetado com índice kendra
canal de sinalização de vídeo kinesis - etiquetado
streaming de vídeo em kinesis com a tag
kinesis-firehose-delivery-stream-encrypted
kinesis-stream-backup-retention-check
kinesis-stream-encrypted
kinesis-video-stream-minimum-data-retention
kms-cmk-not-scheduled-for-deletion
kms-key-policy-no-public-access
kms-key-tagged
lambda-concurrency-check
lambda-dlq-check
verificação do nível de registro do aplicativo da função lambda
lambda-function-description
formato de log de funções lambda - json
lambda-function-public-access-prohibited
lambda-function-settings-check
verificação do nível de registro do sistema de funções lambda
lambda-function-xray-enabled
lambda-inside-vpc
lambda-vpc-multi-az-check
lightsail-bucket-allow-public-overrides-desativado
versão de objetos lightsail-bucket-ativada
etiquetado com lightsail-bucket
certificado lightsail-etiquetado
etiquetado com disco lightsail-disk
macie-auto-sensitive-data-discovery-check
macie-status-check
mariadb-publish-logs-to-cloudwatch-logs
configuração de empacotamento do pacote de mídia - etiquetada
configuração de reprodução personalizada de mídia com tag
memorydb-subnetgroup etiquetado
mfa-enabled-for-iam-console-access
mq-active-broker-ldap-authentication
mq-active-deployment-mode
mq-active-single-instance-broker-storage-type-efs
mq-automatic-minor-version-upgrade-enabled
mq-auto-minor-version-upgrade-enabled
mq-broker-general-logging-enabled
mq-cloudwatch-audit-logging-enabled
mq-cloudwatch-audit-log-enabled
mq-no-public-access
mq-rabbit-deployment-mode
msk-cluster-public-access-disabled
msk-cluster-tagged
msk-connect-connector-logging-enabled
msk-enhanced-monitoring-enabled
msk-in-cluster-node-require-tls
msk-unrestricted-access-check
multi-region-cloud-trail-enabled
nacl-no-unrestricted-ssh-rdp
neptune-cluster-backup-retention-check
neptune-cluster-cloudwatch-log-export-enabled
neptune-cluster-copy-tags-to-snapshot-enabled
neptune-cluster-deletion-protection-enabled
neptune-cluster-encrypted
neptune-cluster-iam-database-authentication
neptune-cluster-multi-az-enabled
neptune-cluster-snapshot-encrypted
neptune-cluster-snapshot-iam-database-auth-enabled
neptune-cluster-snapshot-public-prohibited
netfw-deletion-protection-enabled
netfw-logging-enabled
netfw-multi-az-enabled
netfw-policy-default-action-fragment-packets
netfw-policy-default-action-full-packets
netfw-policy-rule-group-associated
netfw-stateless-rule-group-not-empty
netfw-subnet-change-protection-enabled
nlb-cross-zone-load-balancing-enabled
nlb-internal-scheme-check
nlb-listener-tagged
nlb-logging-enabled
nlb-tagged
no-unrestricted-route-to-igw
descrição da coleção opensearch serverless
opensearch serverless-collection-standby replicas-enabled
opensearch-access-control-enabled
opensearch-audit-logging-enabled
opensearch-data-node-fault-tolerance
opensearch-encrypted-at-rest
opensearch-https-required
opensearch-in-vpc-only
opensearch-logs-to-cloudwatch
opensearch-node-to-node-encryption-check
opensearch-primary-node-fault-tolerance
opensearch-update-check
pacote panorama etiquetado
rabbit-mq-supported-version
rds-aurora-mysql-audit-logging-enabled
rds-aurora-postgresql-logs-to-cloudwatch
rds-automatic-minor-version-upgrade-enabled
rds-cluster-auto-minor-version-upgrade-enable
rds-cluster-backup-retention-check
rds-cluster-default-admin-check
rds-cluster-deletion-protection-enabled
rds-cluster-encrypted-at-rest
rds-cluster-iam-authentication-enabled
rds-cluster-multi-az-enabled
rds-db-security-group-not-allowed
rds-enhanced-monitoring-enabled
rds-event-subscription-tagged
Versão suportada pelo rds-global-cluster-aurora-mysql
rds-instance-default-admin-check
rds-instance-deletion-protection-enabled
rds-instance-iam-authentication-enabled
rds-instance-public-access-check
rds-instance-subnet-igw-check
rds-in-backup-plan
rds-last-backup-recovery-point-created
rds-logging-enabled
rds-mariadb-instance-encrypted-in-transit
rds-meets-restore-time-target
rds-multi-az-support
rds-mysql-cluster-copy-tags-to-snapshot-check
rds-mysql-instance-encrypted-in-transit
rds-option-group-tagged
rds-pgsql-cluster-copy-tags-to-snapshot-check
rds-postgresql-logs-to-cloudwatch
rds-postgres-instance-encrypted-in-transit
rds-proxy-tls-encryption
rds-resources-protected-by-backup-plan
rds-snapshots-public-prohibited
rds-snapshot-encrypted
rds-sqlserver-encrypted-in-transit
rds-sql-server-logs-to-cloudwatch
rds-storage-encrypted
redshift-audit-logging-enabled
redshift-backup-enabled
redshift-cluster-configuration-check
redshift-cluster-kms-enabled
redshift-cluster-maintenancesettings-check
redshift-cluster-multi-az-enabled
redshift-cluster-parameter-group-tagged
redshift-cluster-public-access-check
redshift-cluster-subnet-group-multi-az
redshift-default-admin-check
redshift-default-db-name-check
redshift-enhanced-vpc-routing-enabled
redshift-require-tls-ssl
redshift-serverless-default-admin-check
redshift-serverless-default-db-name-check
redshift-serverless-namespace-cmk-encryption
redshift-serverless-publish-logs-to-cloudwatch
redshift-serverless-workgroup-encrypted-in-transit
redshift-serverless-workgroup-no-public-access
redshift-serverless-workgroup-routes-within-vpc
redshift-unrestricted-port-access
required-tags
resiliencehub - etiquetado com o aplicativo
hub de resiliência - política de resiliência - etiquetada
restricted-incoming-traffic
root-account-hardware-mfa-enabled
root-account-mfa-enabled
route53-health-check-tagged
route53-hosted-zone-tagged
route53-query-logging-enabled
route53-recovery-control-cluster-tagged
etiqueta de célula de prontidão para recuperação route53
route53 3-readiness-readiness-check-tagged
route53-recovery-readiness-recovery-group-tagged
route53-readiness-resource-set-tagged
route53-resolver-firewall-domain-list-tagged
route53-resolver-firewall-rule-group-association-tagged
route53-resolver-firewall-rule-group-tagged
route53-resolver-resolver-endpoint etiquetado
route53-resolver-resolver-rule-tagged
rum-app-monitor-cloudwatch-logs-enabled
rum-app-monitor-tagged
s3express-dir-bucket-lifecycle-rules-check
s3-access-point-in-vpc-only
s3-access-point-public-access-blocks
s3-account-level-public-access-blocks
s3-account-level-public-access-blocks-periodic
s3-bucket-acl-prohibited
s3-bucket-blacklisted-actions-prohibited
s3-bucket-cross-region-replication-enabled
s3-bucket-default-lock-enabled
s3-bucket-level-public-access-prohibited
s3-bucket-logging-enabled
s3-bucket-mfa-delete-enabled
s3-bucket-policy-grantee-check
s3-bucket-policy-not-more-permissive
s3-bucket-public-read-prohibited
s3-bucket-public-write-prohibited
s3-bucket-replication-enabled
s3-bucket-server-side-encryption-enabled
s3-bucket-ssl-requests-only
s3-bucket-tagged
s3-bucket-versioning-enabled
s3-default-encryption-kms
verificação de regras da política do ciclo de vida do s3-directory-bucket-lifecycle-policy-rule-check
s3-event-notifications-enabled
s3-last-backup-recovery-point-created
s3-lifecycle-policy-check
s3-meets-restore-time-target
s3-resources-in-logically-air-gapped-vault
s3-resources-protected-by-backup-plan
s3-version-lifecycle-policy-check
sagemaker-app-image-config-tagged
sagemaker-data-quality-job-encrypt-in-transit
sagemaker-data-quality-job-isolation
sagemaker-domain-in-vpc
sagemaker-domain-tagged
sagemaker-endpoint-configuration-kms-key-configured
sagemaker-endpoint-config-prod-instance-count
descrição do grupo de recursos do sagemaker
sagemaker - criptografia de grupos de recursos em repouso
sagemaker-featuregroup-online-store-encryption
sagemaker-feature-group-tagged
sagemaker-image-description
sagemaker-image-tagged
experimento de inferência com sagemaker - etiquetado
sagemaker-model-bias-job-encrypt-in-transit
sagemaker-model-vias-job-isolation
sagemaker-model-explicability-job-encrypt-in-transit
sagemaker-model-in-vpc
sagemaker-model-isolation-enabled
sagemaker-model-multicontainer-private-registry
sagemaker-model-private-registry-obrigatório
sagemaker-model-quality-job-encrypt-in-transit
isolamento de cronograma de monitoramento do sagemaker
sagemaker-notebook-instance-inside-vpc
sagemaker-notebook-instance-kms-key-configured
sagemaker-notebook-instance-platform-version
sagemaker-notebook-instance-root-access-check
sagemaker-notebook-no-direct-internet-access
secretsmanager-rotation-enabled-check
secretsmanager-scheduled-rotation-success-check
secretsmanager-secret-periodic-rotation
secretsmanager-secret-unused
secretsmanager-using-cmk
securityhub-enabled
security-account-information-provided
service-catalog-portfolio-tagged
service-catalog-shared-within-organization
service-vpc-endpoint-enabled
ses-malware-scanning-enabled
ses-sending-tls-obrigatório
shield-advanced-enabled-autorenew
shield-drt-access
perfil de assinatura do signatário marcado
sns-encrypted-kms
sns-topic-message-delivery-notification-enabled
sns-topic-no-public-access
sqs-queue-dlq-check
sqs-queue-no-public-access
sqs-queue-policy-full-access-check
ssm-automation-block-public-sharing
ssm-automation-logging-enabled
ssm-document-not-public
ssm-document-tagged
stepfunctions-state-machine-tagged
step-functions-state-machine-logging-enabled
storagegateway-last-backup-recovery-point-created
storagegateway-resources-in-logically-air-gapped-vault
storagegateway-resources-protected-by-backup-plan
subnet-auto-assign-public-ip-disabled
transfer-agreement-description
transfer-agreement-tagged
transfer-certificate-description
transfer-certificate-tagged
verificação do algoritmo de criptografia do conector de transferência as2
verificação do algoritmo de assinatura do conector de transferência as2-mdn
verificação do algoritmo de assinatura do conector de transferência as2
transfer-connector-logging-enabled
transfer-connector-tagged
transfer-family-server-no-ftp
transfer-profile-tagged
transfer-workflow-description
transfer-workflow-tagged
virtualmachine-last-backup-recovery-point-created
virtualmachine-resources-in-logically-air-gapped-vault
virtualmachine-resources-protected-by-backup-plan
vpc-default-security-group-closed
vpc-endpoint-enabled
vpc-flow-logs-enabled
vpc-network-acl-unused-check
vpc-peering-dns-resolution-check
vpc-sg-open-only-to-authorized-ports
vpc-sg-port-restriction-check
vpc-vpn-2-tunnels-up
wafv2-logging-enabled
wafv2-rulegroup-logging-enabled
wafv2-rulegroup-not-empty
wafv2-webacl-not-empty
waf-classic-logging-enabled
waf-global-rulegroup-not-empty
waf-global-rule-not-empty
waf-global-webacl-not-empty
waf-regional-rulegroup-not-empty
waf-regional-rule-not-empty
waf-regional-webacl-not-empty
workspaces-connection-alias-tagged
workspaces-root-volume-encryption-enabled
workspaces-user-volume-encryption-enabled
workspaces-workspace-tagged

Atenção O Javascript está desativado ou não está disponível no seu navegador.

Para usar a documentação da AWS, o Javascript deve estar ativado. Consulte as páginas de Ajuda do navegador para obter instruções.

Convenções do documento

workspaces-workspace-tagged

Lista de regras gerenciadas por tipo de acionador

Essa página foi útil? - Sim

Obrigado por nos informar que estamos fazendo um bom trabalho!

Se tiver tempo, conte-nos sobre o que você gostou para que possamos melhorar ainda mais.

Essa página foi útil? - Não

Obrigado por nos informar que precisamos melhorar a página. Lamentamos ter decepcionado você.

Se tiver tempo, conte-nos como podemos melhorar a documentação.