All Products
Search

This Product

    Cloud Config:Example of resource non-compliance events

    Document Center

    Cloud Config:Example of resource non-compliance events

    Last Updated:Oct 14, 2025

    This topic provides an example of resource non-compliance events that are delivered to Simple Log Service for storage. The following sections describe the content of the example and the parameters involved.

    Example

    In single-account mode, a non-compliance event for an ECS instance that does not use a specified image is delivered to Simple Log Service from the Alibaba Cloud account 120886317861****. The following code shows a sample event:

    {
  "annotation": {
    "configuration": "aliyun_3_x64_20G_alibase_20250117.vhd",
    "desiredValue": "03333",
    "operator": "StringIn",
    "property": "$.ImageId"
  },
  "riskLevel": "Warning",
  "dataType": "NonCompliantNotification",
  "evaluationResultIdentifier": {
    "orderingTimestamp": 1748917125166,
    "evaluationResultQualifier": {
      "resourceId": "i-2ze1j7ocdg95bd5z4p**",
      "configRuleName": "ECS instance uses specified image",
      "sourceIdentifier": "ecs-instance-imageId-check",
      "configRuleId": "cr-5a8f4fbef2bc00e5aa**",
      "captureTime": 1748917125166,
      "resourceName": "launch-advisor-20250530",
      "compliancePackId": "cp-5a8f4fbef2bc00e5aa**",
      "configRuleArn": "acs:config::141339776561****:rule/cr-5a8f4fbef2bc00e5aa**",
      "regionId": "cn-beijing",
      "resourceArn": "acs:ecs:cn-beijing:141339776561****:instance/i-2ze1j7ocdg95bd5z4p**",
      "resourceGroupId": "rg-acfmykd63gtpfpa",
      "resourceOwnerId": 1413397765616316,
      "resourceType": "ACS::ECS::Instance"
    }
  },
  "eventType": "ResourceCompliance",
  "invokingEventMessageType": "Manual",
  "complianceType": "NON_COMPLIANT",
  "accountId": "141339776561****",
  "lastNonCompliantRecordTimestamp": "1748916884628",
  "requestId": "2e05d4cf-37e4-4a41-bff2-8f1932bf9a**",
  "eventName": "NonCompliant",
  "notificationCreationTime": "1748917125362"
}

    Parameters

    The following table describes the parameters involved in resource non-compliance events that are delivered to Simple Log Service.

    Parameter

    Description

    accountId

    The ID of the account to which the resource belongs. The account ID depends on the account mode.

    • Single-account mode: Enter the ID of an independent Alibaba Cloud account that is not added to a resource directory by using a management account.

    • Multi-account mode: Enter a management account ID or a member account ID.

    annotation

    The description of the non-compliant configuration.

    complianceType

    The compliance evaluation result. Set the value to NON_COMPLIANT.

    dataType

    The type of the log received by Simple Log Service. Valid values:

    • ConfigurationItemChangeNotification: resource configuration history.

    • NonCompliantNotification: resource non-compliance event.

    evaluationResultIdentifier

    The information about the compliance evaluation result.

    eventName

    The name of the event. Set the value to NonCompliant.

    eventType

    The type of the event. Valid values:

    • ResourceChange: resource change event.

    • ResourceCompliance: resource non-compliance event.

    invokingEventMessageType

    The trigger type of the rule. Valid values:

    • ScheduledNotification: The rule is periodically triggered.

    • ConfigurationItemChangeNotification: The rule is triggered by configuration changes.

    • Manual: The rule is manually triggered.

    notificationCreationTime

    The timestamp when the message was generated.

    riskLevel

    The risk level of the resources that are not compliant with the rule. Valid values:

    • Info: low risk.

    • Warning: medium risk.

    • Critical: high risk.