You can use a compliance package that is created from the BestPracticeForIdleResourceDetection template to check whether the purchased resources of Alibaba Cloud services are idle. The applicable Alibaba Cloud services include Elastic IP Address (EIP), Internet Shared Bandwidth, Virtual Private Cloud (VPC), and VPN Gateway. If resources are not used after the resources are purchased, this may result in resource waste. We recommend that you identify idle resources and use the resources at the earliest opportunity. This topic describes the default rules of the BestPracticeForIdleResourceDetection compliance package template.
Rule name | Rule description |
Checks whether at least one backend server is added to all listeners of each Application Load Balancer (ALB) instance. If so, the evaluation result is Compliant. If the creation time of an ALB instance is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether a resource instance is attached to an Internet Shared Bandwidth instance within a specified period of time after the Internet Shared Bandwidth instance is created. If the creation time of the Internet Shared Bandwidth instance is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether a namespace and an image repository are created for each Container Registry instance. If so, the evaluation result is Compliant. If the creation time of a Container Registry instance is created within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether each disk is in the In Use state. If so, the evaluation result is Compliant. If the creation time of a disk is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether a resource instance is attached to each EIP within a specified period of time after the EIP is created. If so, the evaluation result is Compliant. If the creation time of an EIP is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether an EIP is attached to each NAT gateway and a source network address translation (SNAT) entry or a destination network address translation (DNAT) entry is configured for the EIP. If so, the evaluation result is Compliant. If the creation time of a NAT gateway is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether an EIP is attached to each NAT gateway in a VPC and an SNAT entry or a DNAT entry is configured for the EIP. If so, the evaluation result is Compliant. If the creation time of a NAT gateway in the VPC is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether a mount target is created for each File Storage NAS file system. If so, the evaluation result is Compliant. If the creation time of an File Storage NAS file system is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether at least one listener is running on each Server Load Balancer (SLB) instance. If so, the evaluation result is Compliant. If the creation time of an SLB is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether a destination-based route and a policy-based route are configured for each VPN gateway and the automatic BGP route propagation feature is enabled for each VPN gateway. If so, the evaluation result is Compliant. If the creation time of a VPN gateway is within the specified number of days, the evaluation result is Not Applicable. The default number of days is 7. | |
Checks whether each ECS instance is in the Stopped state. If not, the evaluation result is Compliant. |