Aliyun Packs
Total packs: 43
Available Packs
| Pack ID | Name | Rules | Description |
|---|---|---|---|
| accesskey-permission-governance-best-practice | AccessKey and Permission Governance Best Practice | 14 | Best practices for AccessKey and permission governance |
| ai-model-training-architecture-best-practice | AI Model Training Architecture Best Practice | 22 | Best practices for AI model training architecture, covering ACK, ECS, NAS, OSS, VPC, and other resources. |
| aliyun-platform-security-best-practice | Aliyun Platform Security Best Practice | 26 | Best practices for Aliyun platform security |
| aliyun-well-architected-security-pillar-best-practice | Aliyun Well-Architected Security Pillar Best Practice | 41 | Best practices for Aliyun well-architected security pillar |
| best-practice | Best Practice Pack | 49 | Directory roll-up of Alibaba Cloud best-practice packs, covering naming, tagging, template metadata, architecture, database, cache, storage, security, and resilience checks. |
| change-management-best-practice | Change Management Best Practice | 5 | From the change management dimension, detect the stability of cloud resources to help identify potential issues in advance and improve stability and operational efficiency. |
| china-gmp-annex-compliance | China GMP Annex Compliance | 50 | Compliance pack for pharmaceutical, biotechnology and medical device companies using cloud services that need to meet China GMP Annex standards. This pack provides mappings between standard requirements and Alibaba Cloud product settings. |
| cloud-governance-center-compliance-practice | Cloud Governance Center Compliance Practice | 19 | Compliance practices for cloud governance center |
| compliance | Cloud Compliance Pack | 136 | Directory roll-up of Alibaba Cloud compliance packs, covering security baselines, regulatory frameworks, governance, encryption, logging, access controls, and resilience checks. |
| cost-optimization | Cost Optimization Pack | 14 | Directory roll-up of Alibaba Cloud cost optimization packs for sizing, idle-resource detection, retention, storage, database, cache, network, and log cost controls. |
| database-compliance-management-best-practice | Database Compliance Management Best Practice | 17 | Best practices for database compliance management |
| ecs-compliance-management-best-practice | ECS Compliance Management Best Practice | 9 | Best practices for ECS compliance management |
| elasticity | Elasticity Pack | 15 | Elasticity scenario roll-up for Alibaba Cloud ROS resources, covering autoscaling limits, placement choices, launch capacity, scaling actions, load balancer health checks, serverless concurrency, and MSE capacity. |
| generative-ai-compliance-best-practice | Generative AI Compliance Best Practice | 13 | This compliance pack aims to help you comprehensively detect and manage potential compliance risks in security and stability aspects of Bailian, PAI platform, and their dependent core products (such as ACK, ACR, OSS, NAS, KMS, SLS, MaxCompute, etc.). |
| gxp-eu-annex11-compliance | GxP EU Annex 11 Compliance | 50 | Compliance pack for pharmaceutical, biotechnology and medical device companies using cloud services that need to meet GxP EU Annex 11 standards. This pack provides mappings between standard requirements and Alibaba Cloud product settings. |
| high-availability | High Availability Pack | 75 | Directory roll-up of Alibaba Cloud high-availability packs for multi-zone placement, failover, replica baselines, backup, lifecycle, and zone-redundant storage checks. |
| iso-27001-compliance | ISO-27001 Security Management Standard Compliance | 49 | Compliance pack for ISO-27001 Information Security Management System standard. This pack helps organizations verify their cloud resources meet ISO-27001 security requirements. |
| mlps-level-2-pre-check-compliance-pack | MLPS Level 2 Pre-check Compliance Pack | 24 | Compliance pack for MLPS level 2 pre-check |
| mlps-level-3-pre-check-compliance-pack | MLPS Level 3 Pre-check Compliance Pack | 58 | Compliance pack for MLPS level 3 pre-check requirements on Aliyun resources. |
| multi-zone-architecture-best-practice | Multi-zone Architecture Best Practice | 38 | Best practices for high availability architecture of products such as relational databases, NoSQL databases, and load balancers to build availability zone-level disaster recovery capabilities and ensure service availability and data reliability. |
| network-architecture | Network Architecture Pack | 24 | Directory roll-up of Alibaba Cloud network architecture packs for VPC planning, zone placement, private exposure, load balancer topology, and enterprise network hub attachments. |
| network-data-security-best-practice | Network and Data Security Best Practice | 8 | Best practices for network and data security including ECS instance security, OSS bucket encryption and access control, RDS instance security configurations. |
| nist800-53-compliance | NIST 800-53 Compliance | 47 | Compliance pack for NIST 800-53 Security and Privacy Controls. This pack helps organizations verify their cloud resources meet NIST 800-53 security control requirements. |
| oceanbase-best-practice | OceanBase Best Practice | 0 | Continuously check OceanBase compliance based on security practices. |
| operations | Operations Pack | 40 | Directory roll-up of Alibaba Cloud operations packs for observability, audit logging, backup, recovery, lifecycle, expiration, change management, and deletion protection. |
| oss-compliance-management-best-practice | OSS Compliance Management Best Practice | 9 | Best practices for OSS bucket compliance management, covering access control, encryption, logging, versioning, and security policies. |
| pci-dss-compliance | PCI-DSS Data Security Standard Compliance | 36 | Compliance pack for Payment Card Industry Data Security Standard (PCI-DSS). This pack helps organizations verify their cloud resources meet PCI-DSS requirements for protecting cardholder data. |
| polardb-application-best-practice | PolarDB Application Best Practice | 4 | Best practices for PolarDB cluster configuration, covering security, backup, version management, and operational settings. |
| quick-start-compliance-pack | Quick Start Compliance Pack | 4 | A quick start compliance pack covering basic security best practices for ECS, OSS, RAM, and RDS. |
| redis-application-best-practice | Redis Application Best Practice | 8 | Best practices for Redis instance configuration, covering high availability, security, backup, performance, and operational settings. |
| resource-backup-best-practice | Resource Backup Best Practice | 3 | Best practices for enabling backup features on cloud resources to ensure data protection and disaster recovery. |
| resource-expiration-notification-best-practice | Resource Expiration Notification Best Practice | 7 | Detects stability risks related to resource expiration, helping to discover hidden dangers in advance and improve stability and operational efficiency. |
| resource-idle-detection-best-practice | Resource Idle Detection Best Practice | 1 | Detect common cloud resources that are idle after purchase, involving EIP, shared bandwidth, VPC, VPN and other cloud products. Idle resources lead to enterprise cost waste and should be identified and managed in time. |
| resource-protection-best-practice | Resource Protection Best Practice | 13 | Best practices for enabling protection features on cloud resources to prevent accidental deletion or modification. |
| resource-public-access-detection-best-practice | Resource Public Access Detection Best Practice | 11 | Best practices for detecting and managing public access to cloud resources to ensure security. |
| resource-stability-best-practice | Resource Stability Best Practice | 39 | Detect resource stability from six dimensions: high availability architecture, capacity protection, change management, monitoring management, backup management, and fault isolation, which helps to identify risks in advance and improve stability and O&M efficiency. |
| rmit-financial-standard-compliance-pack | RMiT Financial Standard Compliance Pack | 28 | Compliance pack for RMiT financial standards |
| ros-best-practice | ROS Best Practice Pack | 2 | A compliance pack covering ROS template best practices, including metadata configuration and sensitive parameter protection. |
| security | Security Scenario Pack | 82 | Directory roll-up of Alibaba Cloud security packs, covering identity, network exposure, data protection, audit logging, supply chain, key management, platform security, and security group controls. |
| security-group-best-practice | Security Group Best Practice | 8 | Continuously check security group rules for compliance to reduce security risks. |
| security-group-best-practice-v2 | Security Group Best Practice | 8 | Best practices for ECS security group configuration to ensure network security and access control. Includes checks for risky ports, access restrictions, and security group settings. |
| slb-application-best-practice | SLB Application Best Practice | 11 | Best practices for SLB and ALB configuration, covering high availability, security, health checks, and operational settings. |
| soc2-audit-compliance | SOC 2 Audit Standard Compliance | 42 | Compliance pack for SOC 2 (Service Organization Control 2) audit standards. This pack helps organizations verify their cloud resources meet SOC 2 trust principles for security, availability, and confidentiality. |