An official English-language version of the documentation is not available. For your convenience only, we have introduced the use of machine-translation software capable of producing rough translations in various languages, including English.This machine-translated version of the documentation was produced using only machine-translation software and without any human intervention. We are making continuous efforts to improve the machine-translation software. HOWEVER, MACHINE TRANSLATIONS MAY CONTAIN ERRORS. ANY RELIANCE BY YOU UPON THIS MACHINE TRANSLATION IS SOLELY AT YOUR OWN RISK, AND ALIBABA CLOUD SHALL NOT BE LIABLE TO YOU OR ANY OTHER PARTIES FOR ANY ADVERSE CONSEQUENCES (DIRECT, INDIRECT, CONSEQUENTIAL OR OTHERWISE) ARISING FROM OR IN CONNECTION WITH THE DOCUMENTATION OR ANY TRANSLATIONS THEREOF.
To request a human-translated version of this article or to comment on the quality of machine translation, please use the "More suggestions" text area in the feedback form below to submit feedback.
This article lists the basic concepts used in configuration audit to help you understand and use them correctly.
- Physical resources such as computing instances and storage instances.
- Management Concepts of application-level products such as work groups and workflows.
- Manage resources related to roles, policies, and other permissions.
Resource configuration details
All information that can be obtained through the resource query interface opened by cloud products.
- When you select a resource type that is within the monitoring range, all physical resources of this type under the account are tracked and configuration change snapshots are recorded every 10 minutes.
- When a resource type is removed from the monitoring scope, all entity resources of this type under the account stop recording configuration changes.
Configure the timeline
- For the resources that are stored when you activate the configuration audit service, the starting point of the configuration timeline is the service activation time.
- For resources created after you activate the configuration audit service, the starting point of the configuration timeline is the resource creation time. Configuration audit checks the resource configuration changes every 10 minutes. If a configuration change occurs, a node is displayed on the configuration timeline, the resource configuration details, change details, and Operation events at the time point are displayed.
- Preset system rules: configure audit service to provide you with dozens of preset system rules. For more information, see List of preset rules
- Develop custom rules: To create a custom rule, you must log on to function compute to create a rule function. When creating a custom rule in the configuration audit console, you must enter the rule function ARN. Custom rules can better support personalized compliance scenarios.
- If the rule is triggered at a scheduled time, it only includes the records of the scheduled evaluation.
- If the rule is triggered by a change, it includes the records assessed at each change.
- If you select two triggering methods, an evaluation record is displayed.