Aliyun Packs
Total packs: 35
Available Packs
| Pack ID | Name | Rules | Description |
|---|---|---|---|
| accesskey-permission-governance-best-practice | AccessKey and Permission Governance Best Practice | 14 | Best practices for AccessKey and permission governance |
| ai-model-training-architecture-best-practice | AI Model Training Architecture Best Practice | 22 | Best practices for AI model training architecture, covering ACK, ECS, NAS, OSS, VPC, and other resources. |
| aliyun-platform-security-best-practice | Aliyun Platform Security Best Practice | 26 | Best practices for Aliyun platform security |
| aliyun-well-architected-security-pillar-best-practice | Aliyun Well-Architected Security Pillar Best Practice | 41 | Best practices for Aliyun well-architected security pillar |
| change-management-best-practice | Change Management Best Practice | 5 | From the change management dimension, detect the stability of cloud resources to help identify potential issues in advance and improve stability and operational efficiency. |
| china-gmp-annex-compliance | China GMP Annex Compliance | 50 | Compliance pack for pharmaceutical, biotechnology and medical device companies using cloud services that need to meet China GMP Annex standards. This pack provides mappings between standard requirements and Alibaba Cloud product settings. |
| cloud-governance-center-compliance-practice | Cloud Governance Center Compliance Practice | 19 | Compliance practices for cloud governance center |
| database-compliance-management-best-practice | Database Compliance Management Best Practice | 17 | Best practices for database compliance management |
| ecs-compliance-management-best-practice | ECS Compliance Management Best Practice | 9 | Best practices for ECS compliance management |
| generative-ai-compliance-best-practice | Generative AI Compliance Best Practice | 13 | This compliance pack aims to help you comprehensively detect and manage potential compliance risks in security and stability aspects of Bailian, PAI platform, and their dependent core products (such as ACK, ACR, OSS, NAS, KMS, SLS, MaxCompute, etc.). |
| gxp-eu-annex11-compliance | GxP EU Annex 11 Compliance | 50 | Compliance pack for pharmaceutical, biotechnology and medical device companies using cloud services that need to meet GxP EU Annex 11 standards. This pack provides mappings between standard requirements and Alibaba Cloud product settings. |
| iso-27001-compliance | ISO-27001 Security Management Standard Compliance | 49 | Compliance pack for ISO-27001 Information Security Management System standard. This pack helps organizations verify their cloud resources meet ISO-27001 security requirements. |
| mlps-level-2-pre-check-compliance-pack | MLPS Level 2 Pre-check Compliance Pack | 24 | Compliance pack for MLPS level 2 pre-check |
| mlps-level-3-pre-check-compliance-pack | MLPS Level 3 Pre-check Compliance Pack | 58 | Compliance pack for MLPS level 3 pre-check requirements on Aliyun resources. |
| multi-zone-architecture-best-practice | Multi-zone Architecture Best Practice | 38 | Best practices for high availability architecture of products such as relational databases, NoSQL databases, and load balancers to build availability zone-level disaster recovery capabilities and ensure service availability and data reliability. |
| network-data-security-best-practice | Network and Data Security Best Practice | 8 | Best practices for network and data security including ECS instance security, OSS bucket encryption and access control, RDS instance security configurations. |
| nist800-53-compliance | NIST 800-53 Compliance | 47 | Compliance pack for NIST 800-53 Security and Privacy Controls. This pack helps organizations verify their cloud resources meet NIST 800-53 security control requirements. |
| oceanbase-best-practice | OceanBase Best Practice | 0 | Continuously check OceanBase compliance based on security practices. |
| oss-compliance-management-best-practice | OSS Compliance Management Best Practice | 9 | Best practices for OSS bucket compliance management, covering access control, encryption, logging, versioning, and security policies. |
| pci-dss-compliance | PCI-DSS Data Security Standard Compliance | 36 | Compliance pack for Payment Card Industry Data Security Standard (PCI-DSS). This pack helps organizations verify their cloud resources meet PCI-DSS requirements for protecting cardholder data. |
| polardb-application-best-practice | PolarDB Application Best Practice | 4 | Best practices for PolarDB cluster configuration, covering security, backup, version management, and operational settings. |
| quick-start-compliance-pack | Quick Start Compliance Pack | 4 | A quick start compliance pack covering basic security best practices for ECS, OSS, RAM, and RDS. |
| redis-application-best-practice | Redis Application Best Practice | 8 | Best practices for Redis instance configuration, covering high availability, security, backup, performance, and operational settings. |
| resource-backup-best-practice | Resource Backup Best Practice | 3 | Best practices for enabling backup features on cloud resources to ensure data protection and disaster recovery. |
| resource-expiration-notification-best-practice | Resource Expiration Notification Best Practice | 7 | Detects stability risks related to resource expiration, helping to discover hidden dangers in advance and improve stability and operational efficiency. |
| resource-idle-detection-best-practice | Resource Idle Detection Best Practice | 1 | Detect common cloud resources that are idle after purchase, involving EIP, shared bandwidth, VPC, VPN and other cloud products. Idle resources lead to enterprise cost waste and should be identified and managed in time. |
| resource-protection-best-practice | Resource Protection Best Practice | 13 | Best practices for enabling protection features on cloud resources to prevent accidental deletion or modification. |
| resource-public-access-detection-best-practice | Resource Public Access Detection Best Practice | 11 | Best practices for detecting and managing public access to cloud resources to ensure security. |
| resource-stability-best-practice | Resource Stability Best Practice | 39 | Detect resource stability from six dimensions: high availability architecture, capacity protection, change management, monitoring management, backup management, and fault isolation, which helps to identify risks in advance and improve stability and O&M efficiency. |
| rmit-financial-standard-compliance-pack | RMiT Financial Standard Compliance Pack | 28 | Compliance pack for RMiT financial standards |
| ros-best-practice | ROS Best Practice Pack | 2 | A compliance pack covering ROS template best practices, including metadata configuration and sensitive parameter protection. |
| security-group-best-practice | Security Group Best Practice | 8 | Continuously check security group rules for compliance to reduce security risks. |
| security-group-best-practice-v2 | Security Group Best Practice | 8 | Best practices for ECS security group configuration to ensure network security and access control. Includes checks for risky ports, access restrictions, and security group settings. |
| slb-application-best-practice | SLB Application Best Practice | 11 | Best practices for SLB and ALB configuration, covering high availability, security, health checks, and operational settings. |
| soc2-audit-compliance | SOC 2 Audit Standard Compliance | 42 | Compliance pack for SOC 2 (Service Organization Control 2) audit standards. This pack helps organizations verify their cloud resources meet SOC 2 trust principles for security, availability, and confidentiality. |