Checks whether a VPN Gateway instance expires within a specified number of days. The default threshold is 30 days.
Risk level
Default risk level: High.
You can change the risk level based on your business requirements.
Detection logic
-
A VPN Gateway instance is considered compliant if its expiration date is more than the specified number of days from the current date. Default value: 30 days.
Rule details
|
Parameter |
Description |
|
Rule name |
VPN instance expiration check |
|
Rule identifier |
|
|
Tag |
VPN,ResourceExpired |
|
Automatic remediation |
Supported |
|
Rule trigger |
Configuration change |
|
Supported resource types |
ACS::VPN::VpnGateway |
|
Input parameters |
days (Default value: 30) |
Remediation
To remediate non-compliant resources, see Upgrade, downgrade, and renew VPN Gateway instances.