All Products
Search
Document Center

Cloud Config:Create a rule based on a managed rule

Last Updated:Oct 31, 2023

A managed rule is a piece of logical judgment code that is stored in a rule function of Function Compute. You can create a rule based on a managed rule provided by Cloud Config to audit associated resources.

Procedure

  1. Log on to the Cloud Config console.

  2. Optional. In the upper-left corner, select an account group.

    This operation is required only if you are using a management account of a resource directory. Otherwise, you do not need to perform the operation.

  3. In the left-side navigation pane, choose Compliance & Audit > Rules.

  4. On the Rules page, click Create Rule.

  5. In the Select Create Method step, select Based on managed rule, select a rule from a template, and then click Next.

    Note

    For more information about the rule templates that are supported by Cloud Config, see Managed rules.

  6. In the Set Basic Properties step, configure the Rule Name, Parameter Settings, Risk Level, Trigger, Tags, and Description parameters. Then, click Next.

  7. In the Set Effective Scope step, specify resource types and click Next.

    You can also configure the Excluded Resource IDs, Effective for the designated resource groups, Effective for designated regions, and Effective for designated tags parameters to narrow down the scope of applicable resources.

  8. In the Set Remediation step, click Submit.

    You can turn on Set Remediation and configure template remediation or custom remediation for the rule as prompted. For more information about how to configure remediation, see Overview of remediation settings.

References