Checks whether each resource management account is of a specified type, such as ResourceAccount. If so, the evaluation result is Compliant.
Scenarios
Using the same type of Alibaba Cloud resource management accounts can simplify management, improve security, facilitate permission control and audit, and ensure system security, reliability, and controllability. It is a recommended best practice.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
If each resource management account is of a specified type, such as ResourceAccount, the evaluation result is Compliant.
If a resource management account is not of a specified type, the evaluation result is Non-compliant.
Rule details
Item | Description |
Rule name | resourcemanager-account-type-check |
Rule ID | |
Tag | RD and Account |
Automatic remediation | Not supported |
Trigger type | Configuration change |
Supported resource type | Member account |
Input parameter | allowType. Default value: ResourceAccount |
Non-compliance remediation
Ensure that each resource management account is of a specified type. For more information, see ListAccounts.