PCI-DSS 数据安全标准合规包

ID: pack:aliyun:pci-dss-compliance

描述

支付卡行业数据安全标准(PCI-DSS)合规包。本合规包帮助组织验证其云资源是否符合 PCI-DSS 保护持卡人数据的要求。

包含的规则

• rule:aliyun:api-gateway-api-internet-request-https
• rule:aliyun:ecs-disk-encrypted
• rule:aliyun:ecs-instance-enabled-security-protection
• rule:aliyun:ecs-security-group-risky-ports-check-with-protocol
• rule:aliyun:ecs-security-group-white-list-port-check
• rule:aliyun:ecs-snapshot-retention-days
• rule:aliyun:fc-function-custom-domain-and-tls-enable
• rule:aliyun:kms-key-delete-protection-enabled
• rule:aliyun:kms-key-rotation-enabled
• rule:aliyun:kms-secret-rotation-enabled
• rule:aliyun:oss-bucket-anonymous-prohibited
• rule:aliyun:oss-bucket-only-https-enabled
• rule:aliyun:oss-bucket-server-side-encryption-enabled
• rule:aliyun:oss-encryption-byok-check
• rule:aliyun:oss-zrs-enabled
• rule:aliyun:polardb-cluster-enabled-tde
• rule:aliyun:polardb-cluster-maintain-time-check
• rule:aliyun:polardb-public-and-any-ip-access-check
• rule:aliyun:ram-group-has-member-check
• rule:aliyun:ram-policy-no-statements-with-admin-access-check
• rule:aliyun:ram-user-ak-create-date-expired-check
• rule:aliyun:ram-user-ak-used-expired-check
• rule:aliyun:ram-user-group-membership-check
• rule:aliyun:ram-user-last-login-expired-check
• rule:aliyun:ram-user-login-check
• rule:aliyun:ram-user-mfa-check
• rule:aliyun:rds-instance-enabled-auditing
• rule:aliyun:rds-instance-enabled-disk-encryption
• rule:aliyun:rds-instance-enabled-log-backup
• rule:aliyun:rds-instance-maintain-time-check
• rule:aliyun:rds-public-connection-and-any-ip-access-check
• rule:aliyun:sg-public-access-check
• rule:aliyun:slb-all-listenter-tls-policy-check
• rule:aliyun:sls-logstore-enabled-encrypt
• rule:aliyun:vpc-flow-logs-enabled
• rule:aliyun:waf-instance-logging-enabled

---

此文档由策略元数据自动生成。