All Products
Search
Document Center

Cloud Config:ecs-instance-running-process-disabled

Last Updated:Jun 18, 2026

Evaluates ECS instances as Compliant if their running processes do not include specified processes.

Scenarios

Use this rule to detect prohibited processes running on ECS instances and enforce unified management policies.

Risk level

Default risk level: medium.

You can change the risk level when you configure this rule.

Compliance evaluation logic

This rule relies on asset fingerprints from Security Center. Make sure that you use Security Center Enterprise Edition or Ultimate.

  • If the running processes of an ECS instance do not include specified processes, the evaluation result is Compliant.
  • If the running processes of an ECS instance include specified processes, the evaluation result is Incompliant. To remediate this, see Incompliance remediation.

Rule details

Item Description
Rule name ecs-instance-running-process-disabled
Rule identifier ecs-instance-running-process-disabled
Tag Process and ECS
Automatic remediation Not supported
Trigger type Periodic execution
Evaluation frequency Interval of 24 hours
Supported resource type ECS Instances
Input parameter ProcessName

Incompliance remediation

Disable the specified processes on the ECS instance. For more information, see Investigate asset fingerprints.