All Products
Search

This Product

    Cloud Config:ecs-security-group-type-not-normal

    Document Center

    Cloud Config:ecs-security-group-type-not-normal

    Last Updated:Aug 16, 2023

    Checks whether the Security Group Type parameter of each ECS instance is set to Advanced Security Group. If so, the evaluation result is Compliant.

    Scenarios

    Advanced security groups provide more powerful security features and management capabilities, more advanced network security protection, and more flexible access control. Advanced security groups help you meet security requirements in various scenarios.

    Risk level

    Default risk level: low.

    When you apply this rule, you can change the risk level based on your business requirements.

    Compliance evaluation logic

    • If the Security Group Type parameter of each ECS instance is set to Advanced Security Group, the evaluation result is Compliant.

    • If the Security Group Type parameter of an ECS instance is set to Basic Security Group, the evaluation result is Non-compliant.

    Rule details

    Parameter

    Description

    Rule name

    ecs-security-group-type-not-normal

    Rule identifier

    ecs-security-group-type-not-normal

    Tag

    SecurityGroup

    Automatic remediation

    Not supported

    Trigger type

    Configuration change

    Supported resource type

    ECS security groups

    Input parameter

    None