Checks whether the expiration time of each elastic IP address (EIP) is later than a specified point in time. If so, the evaluation result is Compliant.
Scenarios
You can check whether to renew an EIP before the EIP is expired. This prevents your services from being interrupted due to the expiration of resources.
Risk level
Default risk level: high.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the expiration time of each EIP is later than a specified point in time, the evaluation result is Compliant.
- If the expiration time of an EIP is earlier than or equal to a specified time point in time, the evaluation result is Non-compliant. For more information about how to remediate a non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
| Rule name | eip-address-expired-check |
| Rule identifier | eip-address-expired-check |
| Tag | EipAddress and ResourceExpired |
| Automatic remediation | Not supported |
| Trigger type | Configuration change and periodic execution |
| Evaluation frequency | Interval of 24 hours |
| Supported resource type | EIP |
| Input parameter | days. Default value: 30. Unit: days. |
Non-compliance remediation
Change the configuration of a subscription EIP, renew a subscription EIP, or change the billing method of a subscription EIP. For more information, see Manage a subscription EIP.