Documentazione AWS Config Guida per gli sviluppatori

Le traduzioni sono generate tramite traduzione automatica. In caso di conflitto tra il contenuto di una traduzione e la versione originale in Inglese, quest'ultima prevarrà.

Elenco di AWS Config Regole gestite

AWS Config attualmente supporta le seguenti regole gestite. Prima di utilizzare queste regole, consultaConsiderazioni.

Argomenti

access-keys-rotated
account-part-of-organizations
acmpca-certificate-authority-tagged
acm-certificate-expiration-check
acm-certificate-rsa-check
acm-certificate-transparent-logging-abilitato
acm-pca-root-ca-disabilitato
active-mq-supported-version
alb-desync-mode-check
alb-http-drop-invalid-abilitato per l'intestazione
alb-http-to-https-controllo del reindirizzamento
alb-internal-scheme-check
alb-listener-tagged
etichettato con alb-tag
alb-waf-enabled
amplify-app-branch-auto-abilitato all'eliminazione
amplify-app-build-spec-configurato
amplify-app-description
amplify-app-no-environment-variabili
amplify-app-platform-check
amplify-app-tagged
amplify-branch-auto-build-abilitato
amplify-branch-build-spec-configurato
amplify-branch-description
amplify-branch-framework-configured
amplify-branch-performance-mode-abilitato
amplify-branch-pull-request-abilitato all'anteprima
amplify-branch-tagged
apigateway v2- integration-private-https-enabled
apigateway v2-stage - descrizione
apigateway-domain-name-tls-controlla
apigateway-stage-access-logs-abilitato
apigateway-stage-description
api-gwv2-access-logs-enabled
api-gwv2- authorization-type-configured
api-gwv2- -metrics-enabled stage-default-route-detailed
api-gw-associated-with-waf
api-gw-cache-enabled-e crittografato
api-gw-endpoint-type-controlla
api-gw-execution-logging-enabled
api-gw-rest-api-etichettato
api-gw-ssl-enabled
api-gw-stage-tagged
api-gw-xray-enabled
appconfig-application-description
appconfig-application-tagged
appconfig-configuration-profile-tagged
appconfig-configuration-profile-validators-non-vuoto
appconfig-deployment-strategy-description
appconfig-deployment-strategy-minimum-final-bake-time
appconfig-deployment-strategy-replicate-ssm
appconfig-deployment-strategy-tagged
appconfig-environment-description
appconfig-environment-tagged
appconfig-extension-association-tagged
appconfig-freeform-profile-config-archiviazione
appconfig-hosted-configuration-version-descrizione
appflow-flow-tagged
appflow-flow-trigger-type-dai un'occhiata
appintegrations-application-approved-origins-dai un'occhiata
appintegrations-application-tagged
appintegrations-event-integration-description
appintegrations-event-integration-tagged
appmesh-gateway-route-tagged
appmesh-mesh-deny-tcp-inoltro
appmesh-mesh-ip-pref-controlla
appmesh-mesh-tagged
appmesh-route-tagged
appmesh-virtual-gateway-backend-predefiniti-tls
appmesh-virtual-gateway-listeners-health-check-enabled
appmesh-virtual-gateway-logging-file-path-exists
appmesh-virtual-gateway-tagged
appmesh-virtual-node-backend-defaults-tls-on
appmesh-virtual-node-cloud-map-ip-pref-check
appmesh-virtual-node-dns-ip-pref-check
appmesh-virtual-node-listeners-health-check-enabled
appmesh-virtual-node-listeners-outlier-detect-enabled
appmesh-virtual-node-logging-file-path-exists
appmesh-virtual-node-service-backends-tls-enforced
appmesh-virtual-node-tagged
appmesh-virtual-router-tagged
appmesh-virtual-service-tagged
approved-amis-by-id
approved-amis-by-tag
apprunner-service-in-vpc
apprunner-service-ip-address-controllo del tipo
apprunner-service-max-unhealthy-soglia
apprunner-service-no-public-accesso
apprunner-service-observability-enabled
apprunner-service-tagged
apprunner-vpc-connector-tagged
appstream-fleet-in-vpc
appsync-associated-with-waf
appsync-authorization-check
appsync-cache-ct-encryption-a riposo
appsync-cache-ct-encryptionin transito
appsync-cache-encryption-at-riposo
appsync-graphql-api-xray-abilitato
appsync-logging-enabled
aps-rule-groups-namespace-etichettato
athena-data-catalog-description
athena-prepared-statement-description
athena-workgroup-description
athena-workgroup-encrypted-at-riposo
athena-workgroup-enforce-workgroup-configurazione
athena-workgroup-engine-version-aggiornamento automatico
athena-workgroup-logging-enabled
auditmanager-assessment-tagged
aurora-global-database-encryption-a riposo
aurora-last-backup-recovery-punto creato
aurora-meets-restore-time-bersaglio
aurora-mysql-backtracking-enabled
aurora-mysql-cluster-audit-registrazione
aurora-resources-in-logically-air-gapped-vault
aurora-resources-protected-by-piano di backup
autoscaling-capacity-rebalancing
autoscaling-group-elb-healthcheck-richiesto
autoscaling-launchconfig-requires-imdsv2
autoscaling-launch-config-hop-limite
autoscaling-launch-config-public-ip-disabilitato
autoscaling-launch-template
autoscaling-multiple-az
autoscaling-multiple-instance-types
backup-plan-min-frequency-and-min-retention-check
backup-recovery-point-encrypted
backup-recovery-point-manual-eliminazione-disabilitato
backup-recovery-point-minimum-controllo della conservazione
batch-compute-environment-enabled
batch-compute-environment-managed
batch-compute-environment-tagged
batch-job-queue-enabled
batch-job-queue-tagged
batch-managed-compute-environment-using-launch-template
batch-managed-compute-env-allocation-strategy-check
batch-managed-compute-env-compute-resources-tagged
batch-managed-spot-compute-environment-max-bid
batch-scheduling-policy-tagged
beanstalk-enhanced-health-reporting-abilitato
bedrockagentcore-gateway-authorizer abilitato
bedrockagentcore-runtime-private-network-richiesto
abilitato alla crittografia bedrock-agentcore-memory
cassandra-keyspace - etichettato
clb-desync-mode-check
clb-multiple-az
cloudformation-stack-drift-detection-check
cloudformation-stack-notification-check
controllo del ruolo del servizio cloudformation-stack-service
cloudformation-termination-protection-check
cloudfront-accesslogs-enabled
cloudfront-associated-with-waf
cloudfront-custom-ssl-certificate
cloudfront-default-root-object-configured
abilitato al gruppo di chiavi di distribuzione cloudfront
cloudfront-no-deprecated-ssl-protocols
cloudfront-origin-access-identity-enabled
cloudfront-origin-failover-enabled
abilitato per cloudfront-origin-lambda-url-oac
cloudfront-s3-origin-access-control-enabled
cloudfront-s3-origin-non-existent-bucket
cloudfront-security-policy-check
cloudfront-sni-enabled
cloudfront-ssl-policy-check
cloudfront-traffic-to-origin-encrypted
cloudfront-viewer-policy-https
cloudtrail-all-read-s3-data-event-check
cloudtrail-all-write-s3-data-event-check
cloudtrail-event-data-store-multiregione
registrazione degli accessi a cloudtrail-s3-bucket
cloudtrail-s3-bucket-accesso pubblico vietato
cloudtrail-s3-dataevents-enabled
cloudtrail-security-trail-enabled
cloudwatch-alarm-action-check
cloudwatch-alarm-action-enabled-check
cloudwatch-alarm-descrizione
cloudwatch-alarm-resource-check
cloudwatch-alarm-settings-check
cloudwatch-log-group-encrypted
cloudwatch-metric-stream-taggato
cloud-trail-cloud-watch-logs-enabled
cloudtrail-enabled
cloud-trail-encryption-enabled
cloud-trail-log-file-validation-enabled
cmk-backing-key-rotation-enabled
codeartifact-repository - etichettato
codebuild-project-artifact-encryption
codebuild-project-environment-privileged-check
codebuild-project-envvar-awscred-check
codebuild-project-logging-enabled
codebuild-project-s3-logs-encrypted
codebuild-project-source-repo-url-check
codebuild-project-taggato
codebuild-report-group-crittografato a riposo
codebuild-report-group-taggato
codedeploy-auto-rollback-monitor-enabled
codedeploy-deployment-group-abilitato al rollback automatico
codedeploy-deployment-group-outdated-instances-update
codedeploy-ec2-minimum-healthy-hosts-configured
codedeploy-lambda-allatonce-traffic-shift-disabled
codeguruprofiler-profiling-group-taggato
codegurureviewer-repository-association-taggato
codepipeline-deployment-count-check
codepipeline-region-fanout-check
cognito-identity-pool-accessi non autenticati
cognito-identity-pool-unauth-access-check
cognito-userpool-cust-auth-threat-controllo completo
abilitato per la sicurezza avanzata di cognito-userpool
abilitata la protezione dall'eliminazione del pool di utenti di cognito
abilitato per cognito-userpool-mfa
controllo della politica delle password cognito-userpool
cognito-userpool-taggato
registrazione delle istanze di connessione abilitata
profili dei clienti - dominio - taggato
customerprofiles-object-type-allow-profile-creation
profili-clienti-oggetto-tipo-etichettati
custom-eventbus-policy-attached
custom-schema-registry-policy-attached
cw-loggroup-retention-period-check
datasync-location-object-storage-using-https
datasync-task-abilitato alla verifica dei dati
data sync-task-logging abilitato
datasync-task-taggato
dax-encryption-enabled
crittografia dax-tls-endpoint
db-instance-backup-enabled
desired-instance-tenancy
desired-instance-type
devicefarm-instance-profile-taggato
devicefarm-project-taggato
etichetta del progetto devicefarm-test-grid
dms-auto-minor-version-upgrade-check
dms-endpoint-ssl-configured
con tag dms endpoint
autenticazione dms-mongo-db abilitata
dms-neptune-iam-abilitato all'autorizzazione
abilitato per dms-redis-tls
abilitato per dms-replication-instance-multi-az
dms-replication-not-public
dms-replication-task-sourcedb-logging
tag dms-replication-task
dms-replication-task-targetdb-logging
docdb-cluster-audit-logging-enabled
docdb-cluster-backup-retention-check
docdb-cluster-deletion-protection-enabled
docdb-cluster-encrypted
cluster docdb crittografato in transito
docdb-cluster-snapshot-public-prohibited
dynamodb-autoscaling-enabled
dynamodb-in-backup-plan
dynamodb-last-backup-recovery-point-created
dynamodb-meets-restore-time-target
dynamodb-pitr-enabled
dynamodb-resources-protected-by-backup-plan
dynamodb-table-deletion-protection-enabled
dynamodb-table-encrypted-kms
dynamodb-table-encryption-enabled
dynamodb-throughput-limit-check
ebs-in-backup-plan
ebs-last-backup-recovery-point-created
ebs-meets-restore-time-target
ebs-optimized-instance
ebs-resources-in-logically-gapped-vault
ebs-resources-protected-by-backup-plan
ebs-snapshot-block-accesso pubblico
ebs-snapshot-public-restorable-check
ec2-capacity-reservation-taggato
etichettato con ec2-carrier-gateway
ec2-client-vpn-connection-log-enabled
ec2-client-vpn-endpoint contrassegnati
ec2-client-vpn-not-authorize-all
contrassegnati con opzioni ec2-dhcp
ec2-ebs-encryption-by-default
ec2-enis-source-destination-check abilitato
ec2-fleet etichettato
ec2-imdsv2-check
ec2-instance-detailed-monitoring-enabled
istanza ec2 lanciata con ami consentita
ec2-instance-managed-by-systems-manager
ec2-instance-multiple-eni-check
ec2-instance-no-public-ip
ec2-instance-profile-attached
con tag ec2-ipamscope
ec2-last-backup-recovery-point-created
ec2-launchtemplate-ebs-encrypted
ec2-launch-templates-ebs-volume-encrypted
ec2-launch-template-imdsv2-check
ec2-launch-template-public-ip-disabled
modello ec2-launch-taggato
ec2-managedinstance-applications-blacklisted
ec2-managedinstance-applications-required
ec2-managedinstance-association-compliance-status-check
ec2-managedinstance-inventory-blacklisted
ec2-managedinstance-patch-compliance-status-check
ec2-managedinstance-platform-check
ec2-meets-restore-time-target
ec2-network-insights-access-scope-analysis-taggato
etichettato con ec2-network-insights-access-scope
ec2-network-insights-analysis-taggato
ec2-network-insights-path-taggato
ec2-no-amazon-key-pair
ec2-paravirtual-instance-check
etichettato con ec2-prefix-list
risorse ec2 in un vault con intercapedine logico
ec2-resources-protected-by-backup-plan
ec2-security-group-attached-to-eni
ec2-security-group-attached-to-eni-periodic
ec2-spot-fleet-request-ct-crittografia-a riposo
ec2-stopped-instance
ec2-token-hop-limit-check
descrizione del filtro ec2-traffic-mirror
filtro ec2-traffic-mirror etichettato
ec2-traffic-mirror-descrizione della sessione
ec2-traffic-mirror-session-taggato
ec2-traffic-mirror-target-descrizione
ec2-traffic-mirror-target-tags
ec2-transit-gateway-auto-vpc-attach-disabled
ec2-transit-gateway-multicast-domain-taggato
ec2-volume-inuse-check
controllo della versione di connessione come ec2-vpn
registrazione della connessione ec2-VPN abilitata
Connessione ec2-VPN contrassegnata
ecr-private-image-scanning-enabled
ecr-private-lifecycle-policy-configured
ecr-private-tag-immutability-enabled
abilitato alla crittografia ecr-repository-cmk
con tag ecr-repository
ecs-awsvpc-networking-enabled
etichettato con ecs-capacity-provider
ecs-capacity-provider-terminationcheck
ecs-containers-nonprivileged
ecs-containers-readonly-access
ecs-container-insights-enabled
ecs-fargate-latest-platform-version
ecs-no-environment-secrets
abilitato per ecs-service-propagate-tags
abilitato alla crittografia per ecs-task-definition con efs
ecs-task-definition-linux-user-non-root
ecs-task-definition-log-configuration
ecs-task-definition-memory-hard-limit
ecs-task-definition-modalità-network-non-host
ecs-task-definition-nonroot-user
ecs-task-definition-pid-mode-check
ecs-task-definition-user-for-host-mode-check
ecs-task-definizione-windows-utente-non-amministratore
efs-access-point-enforce-root-directory
efs-access-point-enforce-user-identity
abilitato per efs-automatic-backups
efs-encrypted-check
efs-filesystem-ct-criptato
etichettati con efs-file-system
efs-in-backup-plan
efs-last-backup-recovery-point-created
efs-meets-restore-time-target
efs-mount-target-accessibile-pubblico
efs-resources-in-logically-air-gapped-vault
efs-resources-protected-by-backup-plan
eip-attached
con tag eks-addon
eks-cluster-logging-enabled
eks-cluster-log-enabled
eks-cluster-oldest-supported-version
eks-cluster-secrets-crittografato
eks-cluster-supported-version
eks-endpoint-no-public-access
eks-fargate-profile-taggato
controllo della versione supportata da eks-nodegroup
eks-secrets-encrypted
elasticache-automatic-backup-check abilitato
elasticache-auto-minor-version-upgrade-check
elasticache-rbac-auth-enabled
elasticache-redis-cluster-automatic-backup-check
elasticache-repl-grp-auto-failover-enabled
elasticache-repl-grp-encrypted-at-rest
elasticache-repl-grp-encrypted-in-transit
elasticache-repl-grp-redis-auth-enabled
elasticache-subnet-group-check
elasticache-supported-engine-version
elasticbeanstalk - descrizione dell'applicazione
elasticbeanstalk - versione dell'applicazione - descrizione
elasticbeanstalk - descrizione dell'ambiente
elasticsearch-encrypted-at-rest
elasticsearch-in-vpc-only
elasticsearch-logs-to-cloudwatch
elasticsearch-node-to-node-encryption-check
elastic-beanstalk-logs-to-cloudwatch
elastic-beanstalk-managed-updates-enabled
elbv2-acm-certificate-required
elbv2-listener-crittografia-in transito
elbv2-multiple-az
elbv2-policy-sicurezza-predefinita-ssl-check
elbv2-targetgroup-healthcheck-protocol crittografato
protocollo elbv2-targetgroup-crittografato
elb-acm-certificate-required
elb-cross-zone-load-balancing-enabled
elb-custom-security-policy-ssl-check
elb-deletion-protection-enabled
elb-internal-scheme-check
elb-logging-enabled
elb-predefined-security-policy-ssl-check
etichettato elb
elb-tls-https-listeners-only
emr-block-public-access
emr-kerberos-enabled
emr-master-no-public-ip
emr-security-configurazione-encryption-rest
emr-security-configurazione-crittografia-transito
encrypted-volumes
eventschemas-discoverer-taggato
eventschemas-registro-taggato
event-data-store-cmk abilitato alla crittografia
evidentemente - descrizione del lancio
evidentemente etichettato come lancio
evidentemente descrizione del progetto
evidentemente etichettato come progetto
evidentemente descrizione del segmento
evidentemente etichettato per segmenti
fis-experiment-template-log-configurazione-esiste
modello fis-experiment-taggato
fms-shield-resource-policy-check
fms-webacl-resource-policy-check
fms-webacl-rulegroup-association-check
frauddetector-entity-type-taggato
Frauddetector - etichettato
Frauddetector-outcome-taggato
rilevatore di frodi - con tag variabile
fsx-last-backup-recovery-point-created
fsx-lustre-copy-tags-to-backups
fsx-meets-restore-time-target
controllo del tipo di implementazione fsx-ontap-
fsx-openzfs-copy-tags-enabled
fsx-openzfs-deployment-tipo-check
fsx-resources-protected-by-backup-plan
fsx-windows-audit-log-configured
controllo del tipo di distribuzione fsx-windows-
etichettato da glb-listener
etichettato glb
global-endpoint-event-replication-enabled
abilitato alla registrazione di glue-job
glue-ml-transform-crittografato a riposo
glue-ml-transform-taggato
versione supportata da glue-spark-job
taggato con groundstation-config
groundstation-dataflowendpointgroup-taggato
groundstation-missionprofile-taggato
guardduty-ec2-protection-runtime abilitato
abilitato per guardduty-ecs-protection-runtime
abilitato al controllo di protezione guardduty-eks
abilitato per guardduty-eks-protection-runtime
guardduty-enabled-centralized
abilitato alla protezione lambda guardduty
guardduty - abilitato alla protezione da malware
guardduty-non-archived-findings
abilitato alla protezione guardduty-rds
abilitato per il monitoraggio del runtime di guardduty
abilitato alla protezione guardduty-s3
healthlake - fhir datastore - taggato
iam-customer-policy-blocked-kms-actions
abilitato all'analizzatore di accesso esterno
iam-group-has-users-check
iam-inline-policy-blocked-kms-actions
iam-no-inline-policy-check
iam-oidc-provider-client-id-list-check
contrassegnato da iam-oidc-provider
iam-password-policy
iam-policy-blacklisted-check
iam-policy-description
iam-policy-in-use
iam-policy-no-statements-with-admin-access
iam-policy-no-statements-with-full-access
iam-role-managed-policy-check
iam-root-access-key-check
sono etichettato da saml-provider
controllo della scadenza del certificato iam-server
iam-server-certificate-taggato
iam-user-group-membership-check
iam-user-mfa-enabled
iam-user-no-policies-check
iam-user-unused-credentials-check
imagebuilder-distributionconfiguration-taggato
imagebuilder-imagepipeline-taggato
imagebuilder-imagerecipe-ebs-volumes-encrypted
imagebuilder-imagerecipe-taggato
imagebuilder - configurazione dell'infrastruttura - taggato
restricted-ssh
abilitato a inspector-ec2-scan
abilitato a Inspector-ecr-scan
abilitato alla scansione del codice lambda dell'ispettore
inspector-lambda-standard-scan abilitato
ec2-instances-in-vpc
internet-gateway-authorized-vpc-only
iotdevicedefender con tag metrici personalizzati
iotevents-alarm-model-taggato
iotevents-detector-model-taggato
iotevents-input-taggato
iotsitewise-asset-model-taggato
iotsitewise-dashboard-taggato
etichettato con iotsitewise gateway
iotsitewise - portal-taggato
iotsitewise-project-taggato
iottwinmaker-component-type-taggato
etichettato con iottwinmaker-entity
con tag iottwinmaker-scene
iottwinmaker-sync-job-taggato
iottwinmaker-workspace-taggato
iotwireless-fuota-task-taggato
gruppo iotwireless-multicast con tag
profilo di servizio wireless con tag iotwireless-profile
abilitato alla firma con token di autorizzazione IoT
modello iot-job-taggato
descrizione del modello di iot-provisioning
modello di provisioning iot-jitp
modello di provisioning con tag IoT
Iot-scheduled-audit-taggato
abilitata all'autorizzazione alla riproduzione ivs-channel-
con tag ivs-channel
coppia di tasti ivs-playback-taggata
ivs-recording-configuration-taggato
kendra-index-tagged
canale di segnalazione video kinesis - taggato
kinesisvideo-stream - taggato
kinesis-firehose-delivery-stream-criptato
kinesis-stream-backup-retention-check
kinesis-stream-encrypted
conservazione minima dei dati in kinesis-video-stream
kms-cmk-not-scheduled-for-deletion
kms-key-policy-no-accesso-pubblico
con tag kms
lambda-concurrency-check
lambda-dlq-check
controllo del livello di registro dell'applicazione della funzione lambda
descrizione della funzione lambda
funzione-lambda-log-format-json
lambda-function-public-access-prohibited
lambda-function-settings-check
controllo del livello di registro del sistema di funzioni lambda
funzione lambda abilitata per i raggi x
lambda-inside-vpc
lambda-vpc-multi-az-check
lightsail-bucket-allow-public-overrides-disabilitato
abilitato per il controllo delle versioni di oggetti lightsail-bucket
etichettato con lightsail-bucket
certificato lightsail etichettato
etichettati con lightsail-disk
macie-auto-sensitive-data-discovery-check
macie-status-check
mariadb-publish-logs-to-cloudwatch-logs
mediapackage-packagingconfiguration-taggato
tag di configurazione di riproduzione mediatailor
memorydb - subnetgroup - con tag
mfa-enabled-for-iam-console-access
autenticazione mq-active-broker-ldap
mq-active-deployment-mode
mq-active-single-instance-broker-storage-type-efs
mq-automatic-minor-version-upgrade-enabled
mq-auto-minor-version-upgrade-enabled
mq-broker-abilitato alla registrazione generale
mq-cloudwatch-audit-logging-enabled
abilitato per mq-cloudwatch-audit-log
mq-no-public-access
mq-rabbit-deployment-mode
msk-cluster-accesso-pubblico disabilitato
con tag msk-cluster
abilitato alla registrazione del connettore msk-connect
msk-enhanced-monitoring-enabled
msk-in-cluster-node-require-tls
msk-unrestricted-access-check
multi-region-cloudtrail-enabled
nacl-no-unrestricted-ssh-rdp
neptune-cluster-backup-retention-check
neptune-cluster-cloudwatch-log-export-enabled
neptune-cluster-copy-tags-to-snapshot-enabled
neptune-cluster-deletion-protection-enabled
neptune-cluster-encrypted
neptune-cluster-iam-database-authentication
neptune-cluster-multi-az-enabled
neptune-cluster-snapshot-encrypted
neptune-cluster-snapshot-sono abilitato all'autenticazione del database
neptune-cluster-snapshot-public-prohibited
netfw-deletion-protection-enabled
netfw-logging-enabled
netfw-multi-az-enabled
netfw-policy-default-action-fragment-packets
netfw-policy-default-action-full-packets
netfw-policy-rule-group-associated
netfw-stateless-rule-group-not-empty
abilitato alla protezione da modifiche netfw-subnet-change
nlb-cross-zone-load-balancing-enabled
controllo dello schema interno nlb
etichettato con nlb-listener
abilitato alla registrazione nlb
etichettato con nlb
no-unrestricted-route-to-igw
opensearchserverless-collection-description
opensearchserverless-collection-standby abilitato per le repliche
opensearch-access-control-enabled
opensearch-audit-logging-enabled
opensearch-data-node-fault-tolerance
opensearch-encrypted-at-rest
opensearch-https-required
opensearch-in-vpc-only
opensearch-logs-to-cloudwatch
opensearch-node-to-node-encryption-check
opensearch-primary-node-fault-tolerance
opensearch-update-check
pacchetto panorama-taggato
versione supportata da rabbit-mq
rds-aurora-mysql-audit-logging-enabled
rds-aurora-postgresql-logs-sucloudwatch
rds-automatic-minor-version-upgrade-enabled
rds-cluster-auto-minor-version-upgrade-enable
controllo di conservazione rds-cluster-backup-
rds-cluster-default-admin-check
rds-cluster-deletion-protection-enabled
rds-cluster-encrypted-at-rest
rds-cluster-iam-authentication-enabled
rds-cluster-multi-az-enabled
rds-db-security-group-not-allowed
rds-enhanced-monitoring-enabled
rds-event-subscription-taggato
versione-supportata da rds-global-cluster-aurora-mysql
rds-instance-default-admin-check
rds-instance-deletion-protection-enabled
rds-instance-iam-authentication-enabled
rds-instance-public-access-check
rds-instance-subnet-igw-check
rds-in-backup-plan
rds-last-backup-recovery-point-created
rds-logging-enabled
istanza rds-mariadb-crittografata in transito
rds-meets-restore-time-target
rds-multi-az-support
rds-mysql-cluster-copy-tags-to-snapshot-check
istanza rds-mysql-crittografata in transito
rds-option-group-taggato
rds-pgsql-cluster-copy-tags-to-snapshot-check
rds-postgresql-logs-sucloudwatch
istanza rds-postgres-crittografata in transito
crittografia rds-proxy-tls
rds-resources-protected-by-backup-plan
rds-snapshots-public-prohibited
rds-snapshot-encrypted
rds-sqlserver-crittografato in transito
rds-sql-server-logs-sucloudwatch
rds-storage-encrypted
redshift-audit-logging-enabled
redshift-backup-enabled
redshift-cluster-configuration-check
redshift-cluster-kms-enabled
redshift-cluster-maintenancesettings-check
abilitato per redshift-cluster-multi-az
redshift-cluster-parameter-group-taggato
redshift-cluster-public-access-check
redshift-cluster-subnet-group-multi-az
redshift-default-admin-check
redshift-default-db-name-check
redshift-enhanced-vpc-routing-enabled
redshift-require-tls-ssl
redshift-serverless-default-admin-check
redshift-serverless-default-db-nome-check
redshift-serverless-namespace-cmk-encryption
redshift-serverless-publishlogs-to-cloudwatch
redshift-serverless-workgroup-crittografato in transito
gruppo di lavoro redshift-serverless-no-accesso pubblico
redshift-serverless-workgroup-routes-all'interno di vpc
redshift - accesso alle porte senza restrizioni
required-tags
resiliencehub-app-taggato
resiliencehub-resiliencypolicy-taggato
restricted-common-ports
root-account-hardware-mfa-enabled
root-account-mfa-enabled
route53 - health check taggato
route53-hosted-zone-taggato
route53-query-logging-enabled
route53-recovery-control-cluster-tagged
route53-recovery-readiness-cell-taggato
route53 - Recovery-Readiness-Readiness Check-Tagged
route53-recovery-readiness-recovery-group-taggato
route53-recovery-readiness-resource-set-tagged
route53-resolver-firewall-domain-list-taggato
route53-resolver-firewall-rule-group-association-taggato
route53-resolver-firewall-rule-taggato
route53-resolver-resolver-endpoint-taggato
route53-resolver-resolver-rule-taggato
rum-app-monitor-cloudwatch-logs-abilitato
rum-app-monitor-taggato
s3express-dir-bucket-lifecycle-regole-check
s3-access-point-in-vpc-only
s3-access-point-public-access-blocks
s3-account-level-public-access-blocks
s3-account-level-public-access-blocks-periodic
s3-bucket-acl-prohibited
s3-bucket-blacklisted-actions-prohibited
abilitato per la replica tra più regioni con bucket s3
s3-bucket-default-lock-enabled
s3-bucket-level-public-access-prohibited
s3-bucket-logging-enabled
s3-bucket-mfa-delete-enabled
s3-bucket-policy-grantee-check
s3-bucket-policy-not-more-permissive
s3-bucket-public-read-prohibited
s3-bucket-public-write-prohibited
s3-bucket-replication-enabled
s3-bucket-server-side-encryption-enabled
s3-bucket-ssl-requests-only
etichettato con s3 bucket
s3-bucket-versioning-enabled
s3-default-encryption-kms
s3-directory-bucket-lifecycle-policy-rule-check
s3-event-notifications-enabled
s3-last-backup-recovery-point-created
s3-lifecycle-policy-check
s3-meets-restore-time-target
risorse s3 in un vault con intercapedine logico
s3-resources-protected-by-backup-plan
s3-version-lifecycle-policy-check
taggato con sagemaker-app-image-config
sagemaker-data-quality-job-encrypt-in-transit
sagemaker-data-quality-job-isolation
dominio sagemaker in vpc
taggato con dominio sagemaker
sagemaker-endpoint-configuration-kms-key-configured
sagemaker-endpoint-config-prod-instance-count
sagemaker-feature group-descrizione
sagemaker-featuregroup-crittograup-a riposo
crittografia sagemaker-featuregroup-online-store-
taggato dal gruppo di funzionalità sagemaker
sagemaker - descrizione dell'immagine
taggato con immagine sagemaker
taggato con sagemaker-inferenceexperiment-taggato
sagemaker-model-bias-job-crittografia-in-transit
sagemaker-model-bias-job-isolamento
spiegabilità del modello sagemaker - crittografia del lavoro in transito
modello sagemaker in vpc
abilitato all'isolamento del modello sagemaker
registro privato sagemaker modello multicontainer
sagemaker-model-private-registro-richiesto
sagemaker-model-quality-job-encrypt-in-transit
sagemaker-monitoring-schedule-isolamento-
sagemaker-notebook-instance-inside-vpc
sagemaker-notebook-instance-kms-key-configured
versione della piattaforma sagemaker-notebook-instance
sagemaker-notebook-instance-root-access-check
sagemaker-notebook-no-direct-internet-access
secretsmanager-rotation-enabled-check
secretsmanager-scheduled-rotation-success-check
secretsmanager-secret-periodic-rotation
secretsmanager-secret-unused
secretsmanager-using-cmk
securityhub-enabled
security-account-information-provided
servizio-catalogo-portafoglio-taggato
catalogo dei servizi condiviso all'interno dell'organizzazione
service-vpc-endpoint-enabled
ses-malware-scanning-enabled
ses-sending-tls-required
shield-advanced-enabled-autorenew
shield-drt-access
firmatario - firma il profilo - taggato
sns-encrypted-kms
sns-topic-message-delivery-notification-enabled
sns-topic-senza accesso pubblico
sqs-queue-dlq-check
sqs-queue-no-public-access
sqs-queue-policy-controllo di accesso completo
ssm-automation-block-condivisione pubblica
abilitato alla registrazione di automazione ssm
ssm-document-not-public
documento ssm con tag
stepfunctions-state-machine-taggato
step-functions-state-machine-logging-enabled
storagegateway-last-backup-recovery-point-created
storagegateway-resource-in-logically-gapped-vault
storagegateway-resources-protected-by-backup-plan
subnet-auto-assign-public-ip-disabled
descrizione del contratto di trasferimento
contratto di trasferimento contrassegnato
descrizione del certificato di trasferimento
certificato di trasferimento etichettato
controllo dell'algoritmo di crittografia transfer-connector-as2
transfer-connector-as2-mdn-signing-algorithm-check
controllo dell'algoritmo di firma as2-transfer-connector-as2-
abilitato alla registrazione del connettore di trasferimento
transfer-connector-taggato
transfer-family-server-noftp
transfer-profile-taggato
descrizione del flusso di lavoro di trasferimento
transfer-workflow-taggato
virtualmachine-last-backup-recovery-point-created
risorse di macchine virtuali in un vault logicamente distanziato
virtualmachine-resources-protected-by-backup-plan
vpc-default-security-group-closed
abilitato per vpc-endpoint
vpc-flow-logs-enabled
vpc-network-acl-unused-check
vpc-peering-dns-resolution-check
vpc-sg-open-only-to-authorized-ports
controllo della restrizione della porta vpc-sg-
vpc-vpn-2-tunnels-up
wafv2-logging-enabled
wafv2-rulegroup-logging-enabled
wafv2-rulegroup-not-empty
wafv2-webacl-not-empty
waf-classic-logging-enabled
waf-global-rulegroup-not-empty
waf-global-rule-not-empty
waf-global-webacl-not-empty
waf-regional-rulegroup-not-empty
waf-regional-rule-not-empty
waf-regional-webacl-not-empty
alias di connessione agli spazi di lavoro con tag
workspaces-root-volume-abilitato alla crittografia
aree di lavoro abilitate alla crittografia del volume dell'utente
spazi di lavoro-spazio di lavoro etichettati

Avvertimento JavaScript è disabilitato o non è disponibile nel tuo browser.

Per usare la documentazione AWS, JavaScript deve essere abilitato. Consulta le pagine della guida del browser per le istruzioni.

Convenzioni dei documenti

Regole gestite

access-keys-rotated

Questa pagina ti è stata utile? - Sì

Grazie per averci comunicato che stiamo facendo un buon lavoro!

Se hai un momento, ti invitiamo a dirci che cosa abbiamo fatto che ti è piaciuto così possiamo offrirti altri contenuti simili.

Questa pagina ti è stata utile? - No

Grazie per averci comunicato che questa pagina ha bisogno di essere modificata. Siamo spiacenti di non aver soddisfatto le tue esigenze.

Se hai un momento, ti invitiamo a dirci come possiamo migliorare la documentazione.