Checks whether the deletion protection feature is enabled for each Container Service for Kubernetes (ACK) cluster.
Scenario
You can enable the deletion protection feature for important ACK clusters. This prevents business interruption caused by accidental operations that delete the ACK cluster and enhances business stability.
Risk level
Default risk level: medium.
You can change the risk level as required when you apply this rule.
Compliance evaluation logic
- If the deletion protection feature is enabled for each ACK cluster, the evaluation result is compliant.
- If the deletion protection feature is disabled for an ACK cluster, the evaluation result is non-compliant. For more information about how to correct the non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ack-cluster-deletion-protection-enabled |
| Rule ID | ack-cluster-deletion-protection-enabled |
| Tag | ACK |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | ACK cluster |
| Input parameter | None |
Non-compliance remediation
Call the ModifyCluster operation to enable the deletion protection feature for the ACK cluster. For more information, see ModifyCluster.