If the configuration of a resource is evaluated as incompliant, Cloud Config automatically delivers an incompliance event to CloudMonitor. You can view the incompliance event in the CloudMonitor console. You can also use the event alert feature of CloudMonitor to trigger an alert notification for the incompliance event.

Scenarios

In this example, a rule of the high-risk level is created in the Cloud Config console based on the ecs-instance-deletion-protection-enabled managed rule. Cloud Config automatically evaluates all Elastic Compute Service (ECS) instances within your Alibaba Cloud account.

Step 1: Create a rule

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Rules.
  3. On the Rules page, click Create Rule in the upper-right corner.
  4. On the Create Rule page, search for the ecs-instance-deletion-protection-enabled managed rule.
  5. Click Apply Rule.
  6. In the Properties step, use the default values for the Rule Name, Risk Level, and Description parameters. Then, click Next.
  7. In the Assess Resource Scope step, use the default resource type and click Next.
  8. In the Parameters step, click Next.
  9. In the Modify step, click Next.
  10. In the Preview and Save step, verify the rule configurations and click Submit.
  11. View the compliance evaluation results generated based on the rule for ECS instances.
    Click View Details and then click Result to view the compliance evaluation results generated based on the rule for ECS instances.

Step 2: Create a system event-triggered alert rule

  1. Create an alert contact.
    1. Log on to the CloudMonitor console.
    2. In the left-side navigation pane, choose Alerts > Alert Contacts.
    3. On the Alert Contacts tab, click Create Alert Contact.
    4. In the Set Alert Contact panel, enter the name, email address, and DingTalk chatbot of the alert contact, and make sure that the Alert Notification Information Language parameter is set to the default value Automatic.
      Note Automatic indicates that CloudMonitor automatically selects the language of alert notifications based on the language that you use to create your Alibaba Cloud account.
    5. Verify the parameters and click OK.
    6. Optional. Activate the email address of the alert contact.
      By default, the email address of the alert contact is in the Pending Activation state. After the alert contact receives an email that contains the activation link, the alert contact must activate the email address within 24 hours. Otherwise, the alert contact cannot receive alert notifications. After the email address is activated, you can view the email address in the alert contact list.
  2. Create an alert group.
    1. On the Alert Contacts page, click the Alert Contact Group tab.
    2. On the Alert Contact Group tab, click Create Alert Contact Group.
    3. In the Create Alert Contact Group panel, enter a name for the alert contact group and add alert contacts to the alert contact group.
    4. Click Confirm.
  3. Create a system event-triggered alert rule.
    After Cloud Config delivers all non-compliance events to CloudMonitor, you can create alert rules as required to receive alert notifications.
    1. In the left-side navigation pane, choose Event Monitoring > System Event.
    2. Click the Event-triggered Alert Rules tab.
    3. Click Create Alert Rule.
    4. In the Create/Modify Event-triggered Alert Rule panel, set the parameters of the system event-triggered alert rule.
      • In the Basic Info section, enter a name for the system event-triggered alert rule in the Alert Rule Name field.
      • In the Event-triggered Alert Rules section, set the following parameters: Select CloudConfig from the Product Type drop-down list. Select Notification from the Event Type drop-down list. Select INFO from the Event Level drop-down list. Select ConfigurationNonCompliantNotification from the Event Name drop-down list. Enter Critical in the Keyword Filtering field. Select Does not contain any of the keywords from the Condition drop-down list.
      • In the Notification Method section, select Alert Notification, select the alert group that you create in Substep 2 from the Contact Group drop-down list, and then select Info (Email + Webhook) from the Notification Method drop-down list.
    5. Click OK.