ram-policy-no-has-specified-document - Cloud Config - Alibaba Cloud Documentation Center

Checks whether each custom Resource Access Management (RAM) policy contains a specified permission. If not, the evaluation result is Compliant.

Scenarios

Checking the permissions for each custom RAM policy can prevent unnecessary permission assignment that may cause risks to safe production

Default risk level: medium.

When you apply this rule, you can change the risk level based on your business requirements.

If each custom RAM policy does not contain a specified permission, the evaluation result is Compliant.
If a custom RAM policy contains a specified permission, the evaluation result is Non-compliant.

Item	Description
Rule name	ram-policy-no-has-specified-document
Rule ID	ram-policy-no-has-specified-document
Tag	Policy and RAM
Automatic remediation	Not supported
Trigger type	Configuration change
Supported resource type	RAM policy
Input parameter	None