Checks whether each Elastic Compute Service (ECS) instance uses an image that is shared by a specified account. If so, the evaluation result is Compliant.
Scenarios
Using an image that is shared by a specified account can improve system stability, security, and reliability, simplify system management, and reduce costs. It is a recommended best practice.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If each ECS instance uses an image that is shared by a specified account, the evaluation result is Compliant.
If an ECS instance does not use an image that is shared by a specified account, the evaluation result is Non-compliant.
Rule details
Item | Description |
Rule name | ecs-instance-use-specified-owner-image |
Rule ID | |
Tag | ECS, Instance, and Image |
Automatic remediation | Not supported |
Trigger type | Periodic execution |
Evaluation frequency | Every 24 hours |
Supported resource type | ECS instance |
Input parameter | imageOwnerIds |
Non-compliance remediation
Share created custom images with other Alibaba Cloud accounts. Then, the accounts can use the shared images. For more information, see Use shared images.