Evaluates whether each resource management account is of a specified type, such as ResourceAccount. Accounts that match the specified type are evaluated as Compliant.
Scenarios
Standardizing the type of Alibaba Cloud resource management accounts simplifies management, strengthens security, streamlines permission control and auditing, and ensures system security, reliability, and controllability. It is a recommended best practice.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
-
If each resource management account is of a specified type, such as ResourceAccount, the evaluation result is Compliant.
-
If a resource management account is not of a specified type, the evaluation result is Non-compliant.
Rule details
|
Item |
Description |
|
Rule name |
resourcemanager-account-type-check |
|
Rule ID |
|
|
Tag |
RD and Account |
|
Automatic remediation |
Not supported |
|
Trigger type |
Configuration change |
|
Supported resource type |
Member account |
|
Input parameter |
allowType. Default value: ResourceAccount |
Non-compliance remediation
Ensure that each resource management account is of a specified type. For more information, see ListAccounts.