Checks whether the associated resources of each Elastic Compute Service (ECS) instance inherit a specified tag of the ECS instance. If so, the evaluation result is Compliant.
Scenarios
Cloud-based IT management requires that each resource have one or more specified tags. The tags are used for subsequent management of resources, such as permission isolation, bill splitting, and automatic O&M.
Risk level
Default risk level: medium.
When you configure this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the associated resources of each ECS instance inherit a specified tag of the instance, the evaluation result is Compliant.
For example, if the
env:prodtag is attached to an ECS instance and theenv:prodtag is also attached to the disks of the ECS instance, the evaluation result is Compliant. - If the associated resources of an ECS instance do not inherit a specified tag of the instance, the evaluation result is Incompliant.
Rule details
| Item | Description |
|---|---|
| Rule name | resources-inherit-tags-from-ecs-instance |
| Rule identifier | resources-inherit-tags-from-ecs-instance |
| Tag | ECS and Tag |
| Automatic remediation | Not supported |
| Trigger type | Periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type |
|
| Input parameter | inheritTagKeys |