CloudConfig is a resource-oriented audit service. When you have a large number of resources, CloudConfig helps you perform continuous compliance monitoring on infrastructure resources.

You can use CloudConfig to perform the following operations:
  1. Obtain a list of resources that are owned by the specified account. You can obtain the configuration snapshot of each resource by performing a simple search. For more information, see View the resource list.
  2. By default, CloudConfig monitors configuration changes of all resources under your account. Each configuration change has been recorded for each service resource since CloudConfig is activated. If you remove a specific resource type from the specified monitoring scope, configuration changes for resources of the removed type are no longer recorded. For more information, see Manage resource monitoring scope and View the resource configuration timeline.
  3. Query the operation events that cause a specific change. For more information, see View resource change history.
  4. Configure compliance rules to evaluate resources. A rule is triggered at a specified time point or when configuration changes for resources occur. For more information, see Create a rule.
  5. View a list of resources and compliance rules and the details of each resource and compliance rule.
Before using CloudConfig, you must familiarize yourself with the following precautions:
  • You must ensure that you have read and agree to CloudConfig Terms of Services.
  • CloudConfig is expanding its monitoring scope to include more Alibaba Cloud services. The number of supported resources increases over time. After CloudConfig adds support for a new type of resources, the new resource type is automatically added to the monitoring scope. You can later remove one or more types of resources from the monitoring scope as required.
  • CloudConfig detects configuration changes at a regular interval of 10 minutes. CloudConfig may fail to identify a change if a change occurs and it is restored within the same 10-minute interval.
  • Data accuracy is not guaranteed when CloudConfig is in public preview. If you find that some data is not generated as expected, we recommend that you submit a ticket. Data includes a list of resources, configuration details, and evaluation results from rules. If you have further requirements such as adding support for more resource types, we recommend that you submit a ticket. We appreciate your support and understanding in helping us improve our services.