SOC2 审计标准实践合规包
ID: pack:aliyun:soc2-audit-compliance
描述
SOC 2(服务组织控制 2)审计标准合规包。本合规包帮助组织验证其云资源是否符合 SOC 2 安全性、可用性和保密性信任原则。
包含的规则
rule:aliyun:api-gateway-group-enabled-sslrule:aliyun:ecs-disk-auto-snapshot-policyrule:aliyun:ecs-disk-encryptedrule:aliyun:ecs-instance-enabled-security-protectionrule:aliyun:ecs-instance-ram-role-attachedrule:aliyun:ecs-running-instance-no-public-iprule:aliyun:ecs-security-group-risky-ports-check-with-protocolrule:aliyun:ecs-security-group-white-list-port-checkrule:aliyun:eip-attachedrule:aliyun:elasticsearch-instance-enabled-data-node-encryptionrule:aliyun:ess-scaling-configuration-enabled-internet-checkrule:aliyun:fc-service-internet-access-disablerule:aliyun:fc-service-vpc-bindingrule:aliyun:firewall-asset-open-protectrule:aliyun:kms-key-delete-protection-enabledrule:aliyun:kms-secret-rotation-enabledrule:aliyun:nas-filesystem-encrypt-type-checkrule:aliyun:oss-bucket-logging-enabledrule:aliyun:oss-bucket-only-https-enabledrule:aliyun:oss-bucket-public-read-prohibitedrule:aliyun:oss-bucket-public-write-prohibitedrule:aliyun:oss-bucket-server-side-encryption-enabledrule:aliyun:oss-bucket-versioning-enabledrule:aliyun:oss-zrs-enabledrule:aliyun:polardb-cluster-delete-protection-enabledrule:aliyun:polardb-cluster-enabled-sslrule:aliyun:polardb-cluster-enabled-tderule:aliyun:ram-group-has-member-checkrule:aliyun:ram-policy-no-statements-with-admin-access-checkrule:aliyun:ram-user-ak-create-date-expired-checkrule:aliyun:ram-user-group-membership-checkrule:aliyun:ram-user-login-checkrule:aliyun:ram-user-mfa-checkrule:aliyun:ram-user-no-policy-checkrule:aliyun:rds-instacne-delete-protection-enabledrule:aliyun:rds-instance-enabled-log-backuprule:aliyun:rds-public-access-checkrule:aliyun:redis-instance-enabled-sslrule:aliyun:slb-all-listenter-tls-policy-checkrule:aliyun:slb-instance-log-enabledrule:aliyun:slb-listener-https-enabledrule:aliyun:vpc-flow-logs-enabled
此文档由策略元数据自动生成。