A member account is an Alibaba Cloud account in a resource directory. This topic helps you get started with Cloud Config by using a member account.

Procedure

The following figure shows the steps to get started with Cloud Config by using a member account. Quick start for member accounts
The following table describes the steps to get started with Cloud Config by using a member account.
Category Step Description
Basic operations Step 1: Authorize Cloud Config to access your resources Before you use Cloud Config, you must authorize Cloud Config to access your resources.
Step 2: View the resource list You can view and manage the resources within your account.
Step 3: Create a compliance package You can create a compliance package based on a compliance package template. After you create a compliance package, you can view the compliance evaluation results of associated resources based on the specified rule.
Advanced operations Step 4: Create a rule (Optional) You can create rules by enabling managed rules provided by Cloud Config to audit specified resources.

Step 1: Authorize Cloud Config to access your resources

  1. Log on to the Cloud Config console.
  2. In the Authorize step, click Allow to create the service-linked role that authorizes Cloud Config to access your resources.
    Authorize Cloud Config
    Note Cloud Config needs 2 to 10 minutes to scan your resources and generate a resource list.

Step 2: View the resource list

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, choose Resources > Global Resources.
  3. On the Global Resources page, click the required account group tab.
  4. On the Global Resources page, enter a resource ID or set filter conditions to search for the specified resource.
    • You can enter a resource ID to search for the specified resource.
    • You can filter the resources based on the resource type, region, compliance status, and resource status to search for the specified resource with high efficiency.
  5. Click the resource ID in the Resource ID / Resource Name column.
  6. On the Details tab, view the basic information, core configurations, and latest compliance evaluation results of the resource.
    • In the Basic Information section, you can view the ID, name, type, and tags of the resource, the time when the resource was created, and the region and zone in which the resource resides.
    • In the Configuration Details section, you can click View JSON to view the core configurations in the JSON format.
    • In the Latest Evaluation Results section, you can view the latest compliance evaluation results of the resource.

Step 3: Create a compliance package

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Compliance Package.
  3. On the Compliance Package page, click Enable Compliance Package in the upper-right corner.
  4. In the Basic Information step, specify a name and a risk level for the compliance package. Then, click Next.
  5. In the Select a rule step, select Compliance Package Template, Rules, or Managed rule from the drop-down list. Then, select one or more rules from the rule list. If you select Compliance Package Template, select a compliance package template from the drop-down list that appears. Then, click Next.
  6. In the Rule Settings step, configure the Rule Name, Risk Level, and Description parameters for each rule, and then click Finish.

Step 4: Create a rule (Optional)

  1. Log on to the Cloud Config console.
  2. In the left-side navigation pane, click Rules.
  3. On the Rules page, click Create Rule.
  4. On the Create Rule page, search for a managed rule based on the rule name, tag, evaluation logic, or risk level.
  5. Click Apply Rule.
  6. In the Properties step, set the Rule Name, Risk Level, and Description parameters. Then, click Next.
    The Rule Name, Risk Level, and Trigger Type parameters have default values. You can change the values of the Rule Name and Risk Level parameters.
  7. In the Assess Resource Scope step, keep the default resource type and click Next.
  8. In the Parameters step, click Next.
    If the managed rule has an input parameter, you must set an expected value for the input parameter.
  9. In the Modify step, click Next.

    For managed rules that allow you to modify the remediation settings, you can select the check box next to Modify and set the remediation method, remediation type, and parameters involved. For more information, see Configure automatic remediation or Configure manual remediation.

  10. In the Preview and Save step, check the configurations and click Submit.
  11. Verify that the rule is created.
    • Click View Details. On the page that appears, you can view the rule details on the Rule Details, Result, and Correction Details tabs.
    • Click Return to Rule List. In the Rules list, you can view the status of the created rule in the Status column. In normal cases, the rule is in the Active state.