After you create a rule or enable a compliance package, you can view the settings, compliance evaluation results, and resource remediation details of the created rule or each managed rule in the compliance package.

Background information

For more information about how to enable a compliance package, see Enable a compliance package.

Use an ordinary account

If you use an ordinary account, you can view the details of the rules within your account.

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Rules.
  3. On the Rules page, set filter conditions or enter a keyword to search for the rule whose details you want to view.
    • Search: You can enter a keyword in the search box to search for rules by name.
    • Filter: You can filter rules by compliance package name, risk level, compliance evaluation result, and status.
  4. Click the name of the rule.
    On the rule details page, you can view the settings, compliance evaluation results, and resource remediation details of the rule on different tabs.
    • On the Rule Details tab, you can view the information described in the following table.
      Section Description
      Properties The basic information about the rule. The following list describes the parameters in this section:
      • If the rule is a managed rule or created based on a managed rule, the Rule Name, IDs of Managed Rules, Created At, Risk Level, Trigger, Suggestions, and Description parameters are displayed.
      • If the rule is a custom rule, the Rule Name, Function ARN, Created At, Risk Level, Trigger, Suggestions, and Description parameters are displayed.
      Assess Resource Scope The types of resources to which the rule applies. The following list describes the parameters in this section:
      • If the rule is a managed rule or created based on a managed rule, the Linked Resource Type, Excluded Resource IDs, Set Effective Resource Group ID, Set Effective Region, and Set Effective Tag parameters are displayed.
      • If the rule is a custom rule, only the Linked Resource Type parameter is displayed.
      Parameters You can view the names and values of the input parameters set for the rule and the relationship among the parameters.
    • On the Result tab, you can view the statistics and compliance evaluation results of the resources associated with the rule.
      • Statistics on the resources associated with the rule
        Statistical item Description
        Total Audited Resources The total number of resources that have been evaluated based on the rule after you enable the rule. The resources that you have released are included.
        Number of Compliant Resources The number of resources that are considered to be Compliant based on the rule in the last evaluation.
        Number of Non-compliant Resources The number of resources that are considered to be Non-compliant based on the rule in the last evaluation.
        Number of Inapplicable Resources The number of associated resources to which the rule is inapplicable or that do not support the feature of the rule.
        Ignored The number of resources that are ignored. You can ignore a resource if its latest compliance evaluation result is Non-compliant based on the rule.
        When you set a resource to be ignored, you can specify a remark for the resource. After the resource is ignored, you can cancel the setting or modify the remark.
        Note After a resource is set to be ignored for the rule, the rule still performs compliance evaluations on the resource, but the compliance evaluation result of the resource based on the rule becomes Ignored.
        Note Each statistical item that is described in the preceding table indicates the number of resources rather than the number of resource types.
      • Compliance evaluation results of the resources associated with the rule
        You can view the IDs, types, and latest compliance evaluation results of the resources that are associated with the rule. The following table describes the operations that you can perform on a resource that is associated with the rule.
        Operation Description
        Details Click Details. You can view the basic information, core configuration, and latest compliance evaluation result of the resource.
        Configuration Timeline Click Configuration Timeline. You can view the configuration timeline of the resource.
        Compliance Timeline Click Compliance Timeline. You can view the compliance timeline of the resource.
        Manage Click the More icon icon and select Manage. You can manage the resource in the corresponding cloud service console that appears.
        Ignore Click the More icon icon in the Evaluation Result column and select Ignore. This operation is supported only if the latest compliance evaluation result of the resource is Non-compliant. After you set the resource to be ignored, its compliance evaluation result becomes Ignored.
    • On the Correction Details tab, you can view the remediation details of the rule. The following table describes different sections on the tab.
      Note If the rule does not support remediation, the The rule does not support correction message is displayed.
      Section Description
      Remediation details You can view the remediation type, remediation template, remediation method, and remediation parameters.
      Remediation history You can view the information about each resource for which remediation has been performed, including the resource ID, resource type, time when remediation was performed, remediation result, and remediation reason.

Use a management account

If you use a management account, you can view the details of the rules within your account and those within member accounts in the relevant resource directory.

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Rules.
  3. On the Rules page, click the required account group tab.
  4. On the account group tab, set filter conditions or enter a keyword to search for the rule whose details you want to view.
    • Search: You can enter a keyword in the search box to search for rules by name.
    • Filter: You can filter rules by compliance package name, risk level, compliance evaluation result, and status.
  5. Click the name of the rule.
    On the rule details page, you can view the settings, compliance evaluation results, and resource remediation details of the rule on different tabs.
    • On the Rule Details tab, you can view the information described in the following table.
      Section Description
      Properties The basic information about the rule. The following list describes the parameters in this section:
      • If the rule is a managed rule or created based on a managed rule, the Rule Name, IDs of Managed Rules, Created At, Risk Level, Trigger, Suggestions, and Description parameters are displayed.
      • If the rule is a custom rule, the Rule Name, Function ARN, Created At, Risk Level, Trigger, Suggestions, and Description parameters are displayed.
      Assess Resource Scope The types of resources to which the rule applies. The following list describes the parameters in this section:
      • If the rule is a managed rule or created based on a managed rule, the Linked Resource Type, Excluded Resource IDs, Set Effective Resource Group ID, Set Effective Region, and Set Effective Tag parameters are displayed.
      • If the rule is a custom rule, only the Linked Resource Type parameter is displayed.
      Parameters You can view the names and values of the input parameters set for the rule and the relationship among the parameters.
    • On the Result tab, you can view the statistics and compliance evaluation results of the resources associated with the rule.
      • Statistics on the resources associated with the rule
        Statistical item Description
        Total Audited Resources The total number of resources that have been evaluated based on the rule after you enable the rule. The resources that you have released are included.
        Number of Compliant Resources The number of resources that are considered to be Compliant based on the rule in the last evaluation.
        Number of Non-compliant Resources The number of resources that are considered to be Non-compliant based on the rule in the last evaluation.
        Number of Inapplicable Resources The number of associated resources to which the rule is inapplicable or that do not support the feature of the rule.
        Ignored The number of resources that are ignored. You can ignore a resource if its latest compliance evaluation result is Non-compliant based on the rule.
        When you set a resource to be ignored, you can specify a remark for the resource. After the resource is ignored, you can cancel the setting or modify the remark.
        Note After a resource is set to be ignored for the rule, the rule still performs compliance evaluations on the resource, but the compliance evaluation result of the resource based on the rule becomes Ignored.
        Note Each statistical item that is described in the preceding table indicates the number of resources rather than the number of resource types.
      • Compliance evaluation results of the resources associated with the rule
        You can view the IDs, types, and latest compliance evaluation results of the resources that are associated with the rule. The following table describes the operations that you can perform on a resource that is associated with the rule.
        Operation Description
        Details Click Details. You can view the basic information, core configuration, and latest compliance evaluation result of the resource.
        Configuration Timeline Click Configuration Timeline. You can view the configuration timeline of the resource.
        Compliance Timeline Click Compliance Timeline. You can view the compliance timeline of the resource.
        Manage Click the More icon icon and select Manage. You can manage the resource in the corresponding cloud service console that appears.
        Ignore Click the More icon icon in the Evaluation Result column and select Ignore. This operation is supported only if the latest compliance evaluation result of the resource is Non-compliant. After you set the resource to be ignored, its compliance evaluation result becomes Ignored.
    • On the Correction Details tab, you can view the remediation details of the rule. The following table describes different sections on the tab.
      Note If the rule does not support remediation, the The rule does not support correction message is displayed.
      Section Description
      Remediation details You can view the remediation type, remediation template, remediation method, and remediation parameters.
      Remediation history You can view the information about each resource for which remediation has been performed, including the resource ID, resource type, time when remediation was performed, remediation result, and remediation reason.