Checks whether Cloud Firewall contains no control policy that matches the conditions specified by the input parameters of this rule.
Scenarios
You can configure control policies based on the principle of least privilege in Cloud Firewall to reduce network exposure and protect cloud network security.
Risk level
Default risk level: high.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If Cloud Firewall contains no control policy that matches the conditions specified by the input parameters of this rule, the evaluation result is compliant.
- If Cloud Firewall contains a control policy that matches the conditions specified by the input parameters of this rule, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | cloud-fire-wall-no-matched-control-policy |
| Rule ID | cloud-fire-wall-no-matched-control-policy |
| Tag | CloudFireWall and ControlPolicy |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Time interval | 24 hours |
| Supported resource type | None |
| Input parameters |
|
Non-compliance remediation
Configure an access control policy in Cloud Firewall. For more information, see Create access control policies for outbound and inbound traffic on the Internet firewall.