All Products
Search
Document Center

Cloud Config:View the details of a rule

Last Updated:Aug 07, 2023

After you create a rule, you can view the rule settings, compliance evaluation results, and resource remediation details of the rule.

Background information

For information about how to create a rule by using a compliance package, see Create a compliance package.

Procedure

  1. Log on to the Cloud Config console.

  2. Optional. In the upper-left corner, select an account group.

    This operation is required only if you are using a management account of a resource directory. Otherwise, you do not need to perform the operation.

  3. In the left-side navigation pane, choose Compliance & Audit > Rules.

  4. On the Rules page, configure filter conditions or enter a keyword to search for the rule whose details you want to view.

    • Search: You can enter a keyword in the search box to search for rules by name.

    • Filter: You can filter rules by compliance package name, risk level, compliance evaluation result, and status.

  5. Click the rule name and ID in the Rule Name/Rule ID column, or click Details in the Actions column.

    On the page that appears, you can view the settings, compliance evaluation results, and resource remediation details of the rule on different tabs.

    • In the Basic Properties section, you can view the following basic information of the rule:

      • If the rule is a managed rule or created based on a managed rule, the Rule Identifier, Rule Name, Rule Template Identifier, CreateTime, Risk Level, Trigger, Suggestions, and Description parameters are displayed.

      • If the rule is a custom rule, the Rule Identifier, Rule Name, Function ARN, CreateTime, Risk Level, Trigger, Suggestions, and Description parameters are displayed.

    • On the Result tab, you can view the statistics and compliance evaluation results of the resources associated with the rule.

      • Statistics on the resources associated with the rule

        Item

        Description

        NonCompliant Resource Count

        The number of resources that are considered Non-compliant based on the rule in the last evaluation.

        Total resources evaluated

        The total number of resources that have been evaluated based on the rule after you enable the rule. The resources that you have released are included.

        Compliant Resource Count

        The number of resources that are considered Compliant based on the rule in the last evaluation.

        NotApplicable Resource Count

        The number of associated resources to which the rule is inapplicable or that do not support the feature of the rule.

        Ignored

        The number of resources whose non-compliant evaluation results against the rule are ignored. For more information about how to ignore evaluation results, see Ignore the evaluation result of a rule.

      • Compliance evaluation results of the resources associated with the rule

        You can view the IDs, types, and latest compliance evaluation results of the resources that are associated with the rule. The following table describes the operations that you can perform on a resource that is associated with the rule.

        Category

        Description

        Configuration Timeline

        Click Configuration Timeline to view the configuration timeline of the resource.

        Compliance Timeline

        Click Compliance Timeline to view the compliance timeline of the resource.

        Ignore Evaluation Result

        Click Ignore Evaluation Result to ignore the evaluation result of the resource based on the rule. For more information, see Ignore the evaluation result of a rule.

    • On the Rule Detail tab, you can view the details of the rule. The following table describes the rule details.

      Category

      Description

      Resource Scope

      The types of resources to which the rule applies. The following information about the resources is displayed in the Resource Scope section:

      • If the rule is a managed rule or created based on a managed rule, the Related Resource Type, Excluded Resource IDs, Set Resource Group, Region, and Tags parameters are displayed.

      • If the rule is a custom rule, only the Related Resource Type parameter is displayed.

      Parameter Settings

      You can view the names and values of the input parameters that are configured for the rule and the relationship among the parameters.

    • On the Remediation Details tab, you can view the remediation details of the rule and perform manual remediation. The following table describes the information displayed on the Remediation Detail tab.

      Category

      Description

      Remediation Detail

      You can view the Remediation Type, Remediation Method, Remediation Template, and Remediation Templates Parameters parameters in this section.

      Execution Result List

      You can view the information about each resource on which remediation has been performed, including the Resource ID, Resource Type, Execution Time, Execution Result, and Reason parameters.