Documentación AWS Config Guía para desarrolladores

Las traducciones son generadas a través de traducción automática. En caso de conflicto entre la traducción y la version original de inglés, prevalecerá la version en inglés.

Lista de AWS Config Reglas administradas

AWS Config actualmente admite las siguientes reglas administradas. Antes de usar estas reglas, consulte Consideraciones.

Temas

access-keys-rotated
account-part-of-organizations
acmpca-certificate-authority-tagged
acm-certificate-expiration-check
acm-certificate-rsa-check
acm-certificate-transparent-logging-habilitado
acm-pca-root-ca-deshabilitado
active-mq-supported-version
alb-desync-mode-check
alb-http-drop-invalid-habilitado para encabezado
alb-http-to-https-comprobación de redireccionamiento
alb-internal-scheme-check
alb-listener-tagged
alb-tagged
alb-waf-enabled
amplify-app-branch-auto-habilitado para eliminar
amplify-app-build-spec-configurado
amplify-app-description
amplify-app-no-environment-variables
amplify-app-platform-check
amplify-app-tagged
amplify-branch-auto-build-habilitado
amplify-branch-build-spec-configurado
amplify-branch-description
amplify-branch-framework-configured
amplify-branch-performance-mode-habilitado
amplify-branch-pull-request-vista previa habilitada
amplify-branch-tagged
puerta de enlace api v2- integration-private-https-enabled
apigatewayv2-stage-description
apigateway-domain-name-tls-comprobar
apigateway-stage-access-logs-habilitado
apigateway-stage-description
api-gwv2-access-logs-enabled
api-gwv2- authorization-type-configured
api-gwv2- -habilitada para métricas stage-default-route-detailed
api-gw-associated-with-guerra
api-gw-cache-enabled-y encriptado
api-gw-endpoint-type-comprobar
api-gw-execution-logging-enabled
api-gw-rest-api-etiquetado
api-gw-ssl-enabled
api-gw-stage-tagged
api-gw-xray-enabled
appconfig-application-description
appconfig-application-tagged
appconfig-configuration-profile-tagged
appconfig-configuration-profile-validators-no está vacío
appconfig-deployment-strategy-description
appconfig-deployment-strategy-minimum-final-bake-time
appconfig-deployment-strategy-replicate-a-ssm
appconfig-deployment-strategy-tagged
appconfig-environment-description
appconfig-environment-tagged
appconfig-extension-association-tagged
appconfig-freeform-profile-config-almacenamiento
appconfig-hosted-configuration-version-descripción
appflow-flow-tagged
appflow-flow-trigger-type-comprobar
appintegrations-application-approved-origins-comprobar
appintegrations-application-tagged
appintegrations-event-integration-description
appintegrations-event-integration-tagged
appmesh-gateway-route-tagged
appmesh-mesh-deny-tcp-reenvío
appmesh-mesh-ip-pref-comprobar
appmesh-mesh-tagged
appmesh-route-tagged
appmesh-virtual-gateway-backend-predeterminado-tls
appmesh-virtual-gateway-listeners-health-check-enabled
appmesh-virtual-gateway-logging-file-path-exists
appmesh-virtual-gateway-tagged
appmesh-virtual-node-backend-defaults-tls-on
appmesh-virtual-node-cloud-map-ip-pref-check
appmesh-virtual-node-dns-ip-pref-check
appmesh-virtual-node-listeners-health-check-enabled
appmesh-virtual-node-listeners-outlier-detect-enabled
appmesh-virtual-node-logging-file-path-exists
appmesh-virtual-node-service-backends-tls-enforced
appmesh-virtual-node-tagged
appmesh-virtual-router-tagged
appmesh-virtual-service-tagged
approved-amis-by-id
approved-amis-by-tag
apprunner-service-in-vpc
apprunner-service-ip-address-verificación de tipo
apprunner-service-max-unhealthy-umbral
apprunner-service-no-public-acceso
apprunner-service-observability-enabled
apprunner-service-tagged
apprunner-vpc-connector-tagged
appstream-fleet-in-vpc
appsync-associated-with-waf
appsync-authorization-check
appsync-cache-ct-encryption-en reposo
appsync-cache-ct-encryption-en tránsito
appsync-cache-encryption-at-descanso
appsync-graphql-api-xray-habilitado
appsync-logging-enabled
aps-rule-groups-namespace-etiquetado
athena-data-catalog-description
athena-prepared-statement-description
athena-workgroup-description
athena-workgroup-encrypted-at-descanso
athena-workgroup-enforce-workgroup-configuración
athena-workgroup-engine-version-actualización automática
athena-workgroup-logging-enabled
auditmanager-assessment-tagged
aurora-global-database-encryption-en reposo
aurora-last-backup-recovery-punto creado
aurora-meets-restore-time-objetivo
aurora-mysql-backtracking-enabled
aurora-mysql-cluster-audit-registro
aurora-resources-in-logically-air-gapped-vault
aurora-resources-protected-by-plan de respaldo
autoscaling-capacity-rebalancing
autoscaling-group-elb-healthcheck-obligatorio
autoscaling-launchconfig-requires-imdsv2.
autoscaling-launch-config-hop-límite
autoscaling-launch-config-public-ip deshabilitada
autoscaling-launch-template
autoscaling-multiple-az
autoscaling-multiple-instance-types
backup-plan-min-frequency-and-min-retention-check
backup-recovery-point-encrypted
backup-recovery-point-manual-eliminación-deshabilitada
backup-recovery-point-minimum- control de retención
batch-compute-environment-enabled
batch-compute-environment-managed
batch-compute-environment-tagged
batch-job-queue-enabled
batch-job-queue-tagged
batch-managed-compute-environment-using-launch-template
batch-managed-compute-env-allocation-strategy-check
batch-managed-compute-env-compute-resources-tagged
batch-managed-spot-compute-environment-max-bid
batch-scheduling-policy-tagged
beanstalk-enhanced-health-reporting-habilitado
bedrock agentcore gateway-autorizador-habilitado
bedrock agentcore: tiempo de ejecución, red privada, requerida
bedrock-agentcore-memory-encriptado
cassandra-keyspace-tagged
clb-desync-mode-check
clb-multiple-az
cloudformation-stack-drift-detection-check
cloudformation-stack-notification-check
cloudformation-stack-service-role-check
formación de nubes, terminación, protección y verificación
cloudfront-accesslogs-enabled
cloudfront-associated-with-waf
cloudfront-custom-ssl-certificate
cloudfront-default-root-object-configured
cloudfront, distribución, grupo de claves, habilitado
cloudfront-no-deprecated-ssl-protocols
cloudfront-origin-access-identity-enabled
cloudfront-origin-failover-enabled
cloudfront-origin-lambda-url-oac-enabled
cloudfront-s3-origin-access-control-enabled
cloudfront-s3-origin-non-existent-bucket
cloudfront-security-policy-check
cloudfront-sni-enabled
cloudfront-ssl-policy-check
cloudfront-traffic-to-origin-encrypted
cloudfront-viewer-policy-https
cloudtrail-all-read-s3-data-event-check
cloudtrail-all-write-s3-data-event-check
cloudtrail-event-data-store-multirregión
cloudtrail-s3-bucket-access-logging
cloudtrail-s3-bucket-public-access-prohibited
cloudtrail-s3-dataevents-enabled
cloudtrail-security-trail-enabled
cloudwatch-alarm-action-check
cloudwatch-alarm-action-enabled-check
Descripción de cloudwatch-alarm
cloudwatch-alarm-resource-check
cloudwatch-alarm-settings-check
cloudwatch-log-group-encrypted
cloudwatch-metric-stream-tagged
cloud-trail-cloud-watch-logs-enabled
cloudtrail-enabled
cloud-trail-encryption-enabled
cloud-trail-log-file-validation-enabled
cmk-backing-key-rotation-enabled
codeartifact-repository-tagged
codebuild-project-artifact-encryption
codebuild-project-environment-privileged-check
codebuild-project-envvar-awscred-check
codebuild-project-logging-enabled
codebuild-project-s3-logs-encrypted
codebuild-project-source-repo-url-check
codebuild-project-tagged
codebuild-report-group-encrypted-at-rest
codebuild-report-group-tagged
codedeploy-auto-rollback-monitor-enabled
codedeploy-deployment-group-auto-rollback-enabled
codedeploy-deployment-group-outdated-instances-update
codedeploy-ec2-minimum-healthy-hosts-configured
codedeploy-lambda-allatonce-traffic-shift-disabled
codeguruprofiler-profiling-group-tagged
codegurureviewer-repository-association-tagged
codepipeline-deployment-count-check
codepipeline-region-fanout-check
cognito-identity-pool-unauthenticated-logins
cognito-identity-pool-unauth-access-check
cognito-userpool-cust-auth-threat-full-check
cognito-user-pool-advanced-security-enabled
protección contra eliminación de grupos de usuarios de Cognito habilitada
cognito-user-pool-mfa habilitado
cognito-user-pool-password-policy-check
cognito-user-pool-tagged
connect-instance-logging-enabled
customerprofiles-domain-tagged
customerprofiles-object-type-allow-profile-creation
customerprofiles-object-type-tagged
custom-eventbus-policy-attached
custom-schema-registry-policy-attached
cw-loggroup-retention-period-check
datasync-location-object-storage-using-https
datasync-task-data-verification-enabled
datasync-task-logging-enabled
datasync-task-tagged
dax-encryption-enabled
dax-tls-endpoint-encryption
db-instance-backup-enabled
desired-instance-tenancy
desired-instance-type
devicefarm-instance-profile-tagged
devicefarm-project-tagged
devicefarm-test-grid-project-tagged
dms-auto-minor-version-upgrade-check
dms-endpoint-ssl-configured
dms-endpoint-tagged
dms-mongo-db-authentication-enabled
dms-neptune-iam-authorization-enabled
dms-redis-tls-enabled
dms-replication-instance-multi-az-enabled
dms-replication-not-public
dms-replication-task-sourcedb-logging
dms-replication-task-tagged
dms-replication-task-targetdb-logging
docdb-cluster-audit-logging-enabled
docdb-cluster-backup-retention-check
docdb-cluster-deletion-protection-enabled
docdb-cluster-encrypted
docdb-cluster-encrypted-in-transit
docdb-cluster-snapshot-public-prohibited
dynamodb-autoscaling-enabled
dynamodb-in-backup-plan
dynamodb-last-backup-recovery-point-created
dynamodb-meets-restore-time-target
dynamodb-pitr-enabled
dynamodb-resources-protected-by-backup-plan
dynamodb-table-deletion-protection-enabled
dynamodb-table-encrypted-kms
dynamodb-table-encryption-enabled
dynamodb-throughput-limit-check
ebs-in-backup-plan
ebs-last-backup-recovery-point-created
ebs-meets-restore-time-target
ebs-optimized-instance
ebs-resources-in-logically-air-gapped-vault
ebs-resources-protected-by-backup-plan
ebs-snapshot-bloque-acceso público
ebs-snapshot-public-restorable-check
ec2-capacity-reservation-tagged
ec2-carrier-gateway-tagged
ec2-client-vpn-connection-log-enabled
ec2-client-vpn-endpoint-tagged
ec2-client-vpn-not-authorize-all
ec2-dhcp-options-tagged
ec2-ebs-encryption-by-default
ec2-enis-source-destination-check-enabled
ec2-fleet-tagged
ec2-imdsv2-check
ec2-instance-detailed-monitoring-enabled
ec2-instance-launched-with-allowed-ami
ec2-instance-managed-by-systems-manager
ec2-instance-multiple-eni-check
ec2-instance-no-public-ip
ec2-instance-profile-attached
ec2-ipamscope, etiquetado
ec2-last-backup-recovery-point-created
plantilla de lanzamiento ec2-encriptada con ebs
ec2-launch-templates-ebs-volume-encrypted
ec2-launch-template-imdsv2-check
ec2-launch-template-public-ip-disabled
ec2-launch-template-tagged
ec2-managedinstance-applications-blacklisted
ec2-managedinstance-applications-required
ec2-managedinstance-association-compliance-status-check
ec2-managedinstance-inventory-blacklisted
ec2-managedinstance-patch-compliance-status-check
ec2-managedinstance-platform-check
ec2-meets-restore-time-target
ec2-network-insights-access-scope-analysis-tagged
ec2-network-insights-access-scope-tagged
ec2-network-insights-analysis-tagged
ec2-network-insights-path-tagged
ec2-no-amazon-key-pair
ec2-paravirtual-instance-check
ec2-prefix-list-tagged
ec2-resources-in-logically-air-gapped-vault
ec2-resources-protected-by-backup-plan
ec2-security-group-attached-to-eni
ec2-security-group-attached-to-eni-periodic
ec2-spot-fleet-request-ct-encryption-at-rest
ec2-stopped-instance
ec2-token-hop-limit-check
ec2-traffic-mirror-filter-description
ec2-traffic-mirror-filter-tagged
ec2-traffic-mirror-session-description
ec2-traffic-mirror-session-tagged
ec2-traffic-mirror-target-description
ec2-traffic-mirror-target-tagged
ec2-transit-gateway-auto-vpc-attach-disabled
ec2-transit-gateway-multicast-domain-tagged
ec2-volume-inuse-check
ec2-vpn-connection-ike-version-check
ec2-vpn-connection-logging-enabled
ec2-vpn-connection-tagged
ecr-private-image-scanning-enabled
ecr-private-lifecycle-policy-configured
ecr-private-tag-immutability-enabled
ecr-repository-cmk-encryption-enabled
ecr-repository-tagged
ecs-awsvpc-networking-enabled
ecs-capacity-provider-tagged
comprobación de terminación del proveedor de capacidad ecs-
ecs-containers-nonprivileged
ecs-containers-readonly-access
ecs-container-insights-enabled
ecs-fargate-latest-platform-version
ecs-no-environment-secrets
ecs-service-propagate-tags-habilitado
ecs-task-definition-efs-cifrado habilitado
ecs-task-definition-linux-usuario-no-root
ecs-task-definition-log-configuration
ecs-task-definition-memory-hard-limit
ecs-task-definition-network-mode-not-host
ecs-task-definition-nonroot-user
ecs-task-definition-pid-mode-check
ecs-task-definition-user-for-host-mode-check
ecs-task-definition-windows-user-non-admin
efs-access-point-enforce-root-directory
efs-access-point-enforce-user-identity
efs-automatic-backups-enabled
efs-encrypted-check
efs-filesystem-ct-encrypted
efs-file-system-tagged
efs-in-backup-plan
efs-last-backup-recovery-point-created
efs-meets-restore-time-target
efs-mount-target-public-accessible
efs-resources-in-logically-air-gapped-vault
efs-resources-protected-by-backup-plan
eip-attached
eks-addon-tagged
eks-cluster-logging-enabled
eks-cluster-log-enabled
eks-cluster-oldest-supported-version
eks-cluster-secrets-encrypted
eks-cluster-supported-version
eks-endpoint-no-public-access
eks-fargate-profile-tagged
comprobación de versiones compatibles con eks-nodegroup
eks-secrets-encrypted
elasticache-automatic-backup-check-enabled
elasticache-auto-minor-version-upgrade-check
elasticache-rbac-auth-enabled
elasticache-redis-cluster-automatic-backup-check
elasticache-repl-grp-auto-failover-enabled
elasticache-repl-grp-encrypted-at-rest
elasticache-repl-grp-encrypted-in-transit
elasticache-repl-grp-redis-auth-enabled
elasticache-subnet-group-check
elasticache-supported-engine-version
elasticbeanstalk-application-description
elasticbeanstalk-application-version-description
elasticbeanstalk-environment-description
elasticsearch-encrypted-at-rest
elasticsearch-in-vpc-only
elasticsearch-logs-to-cloudwatch
elasticsearch-node-to-node-encryption-check
elastic-beanstalk-logs-to-cloudwatch
elastic-beanstalk-managed-updates-enabled
elbv2-acm-certificate-required
elbv2-listener-encryption-in-transit
elbv2-multiple-az
elbv2-predefined-security-policy-ssl-check
elbv2: grupo objetivo, protocolo de control de salud, cifrado
elbv2, grupo de destino, protocolo cifrado
elb-acm-certificate-required
elb-cross-zone-load-balancing-enabled
elb-custom-security-policy-ssl-check
elb-deletion-protection-enabled
elb-internal-scheme-check
elb-logging-enabled
elb-predefined-security-policy-ssl-check
elb-tagged
elb-tls-https-listeners-only
emr-block-public-access
emr-kerberos-enabled
emr-master-no-public-ip
emr-security-configuration-encryption-rest
emr-security-configuration-encryption-transit
encrypted-volumes
esquemas de eventos - descubridor-etiquetado
esquemas de eventos - etiquetado con registro
event-data-store-cmk-encryption-enabled
evidently-launch-description
evidently-launch-tagged
evidently-project-description
evidently-project-tagged
evidently-segment-description
evidently-segment-tagged
fis-experiment-template-log-configuration-exists
fis-experiment-template-tagged
fms-shield-resource-policy-check
fms-webacl-resource-policy-check
fms-webacl-rulegroup-association-check
frauddetector-entity-type-tagged
frauddetector-label-tagged
frauddetector-outcome-tagged
frauddetector-variable-tagged
fsx-last-backup-recovery-point-created
fsx-lustre-copy-tags-to-backups
fsx-meets-restore-time-target
fsx-ontap-deployment-type-check
fsx-openzfs-copy-tags-enabled
fsx-openzfs-deployment-type-check
fsx-resources-protected-by-backup-plan
fsx-windows-audit-log-configured
fsx-windows-deployment-type-check
glb-listener-tagged
glb-tagged
global-endpoint-event-replication-enabled
glue-job-logging-enabled
glue-ml-transform-encrypted-at-rest
glue-ml-transform-tagged
glue-spark-job-supported-version
etiquetada con configuración de estación terrestre
estación terrestre: grupo de puntos finales de flujo de datos, etiquetado
estación terrestre - perfil de misión - etiquetado
guardduty-ec2-protection-runtime-enabled
guardduty-ecs-protection-runtime-enabled
guardduty-eks-protection-audit-enabled
guardduty-eks-protection-runtime-enabled
guardduty-enabled-centralized
guardduty-lambda-protection-enabled
guardduty-malware-protection-enabled
guardduty-non-archived-findings
guardduty-rds-protection-enabled
guardduty-runtime-monitoring-enabled
guardduty-s3-protection-enabled
Tienda de datos de Healthlake Fhir etiquetada
iam-customer-policy-blocked-kms-actions
iam-external-access-analyzer-enabled
iam-group-has-users-check
iam-inline-policy-blocked-kms-actions
iam-no-inline-policy-check
iam-oidc-provider-client-id-list-check
iam-oidc-provider-tagged
iam-password-policy
iam-policy-blacklisted-check
descripción de la política de iam
iam-policy-in-use
iam-policy-no-statements-with-admin-access
iam-policy-no-statements-with-full-access
iam-role-managed-policy-check
iam-root-access-key-check
iam-saml-provider-tagged
iam-server-certificate-expiration-check
iam-server-certificate-tagged
iam-user-group-membership-check
iam-user-mfa-enabled
iam-user-no-policies-check
iam-user-unused-credentials-check
generador de imágenes: configuración de distribución, etiquetada
imagebuilder-imagepipeline-tagged
generador de imágenes - receta de imagen - ebs - volúmenes cifrados
generador de imágenes: receta de imagen etiquetada
generador de imágenes: configuración de infraestructura, etiquetado
restricted-ssh
inspector-ec2-scan-enabled
inspector-ecr-scan-enabled
inspector-lambda-code-scan-enabled
inspector-lambda-standard-scan-enabled
ec2-instances-in-vpc
internet-gateway-authorized-vpc-only
iotdevicedefender-custom-metric-tagged
iotevents-alarm-model-tagged
iotevents-detector-model-tagged
iotevents-input-tagged
iotsitewise-asset-model-tagged
iotsitewise-dashboard-tagged
iotsitewise-gateway-tagged
iotsitewise-portal-tagged
iotsitewise-project-tagged
iottwinmaker-component-type-tagged
iottwinmaker-entity-tagged
iottwinmaker-scene-tagged
iottwinmaker-sync-job-tagged
iottwinmaker-workspace-tagged
iotwireless-fuota-task-tagged
iotwireless-multicast-group-tagged
iotwireless-service-profile-tagged
iot-authorizer-token-signing-enabled
iot-job-template-tagged
iot-provisioning-template-description
iot-provisioning-template-jitp
iot-provisioning-template-tagged
iot-scheduled-audit-tagged
ivs-channel-playback-authorization-enabled
ivs-channel-tagged
ivs-playback-key-pair-tagged
ivs-recording-configuration-tagged
kendra, indexada
canal de señalización de vídeo kinesis - etiquetado
transmisión de vídeo de kinesis etiquetada
kinesis-firehose-delivery-stream-encrypted
kinesis-stream-backup-retention-check
kinesis-stream-encrypted
kinesis-video-stream-minimum-data-retention
kms-cmk-not-scheduled-for-deletion
kms-key-policy-no-public-access
kms-key-tagged
lambda-concurrency-check
lambda-dlq-check
comprobación del nivel de registro de la aplicación de la función lambda
lambda-function-description
lambda-función-log-format-json
lambda-function-public-access-prohibited
lambda-function-settings-check
comprobación del nivel de registro del sistema de funciones lambda
lambda-function-xray-enabled
lambda-inside-vpc
lambda-vpc-multi-az-check
lightsail-bucket-permit-public-overrides-deshabilitado
lightsail-bucket-object-versioning-habilitada
etiqueta LightSail-Bucket-Tagged
certificado de vela ligera con etiqueta
LightSail-Disk-Tagged
macie-auto-sensitive-data-discovery-check
macie-status-check
mariadb-publish-logs-to-cloudwatch-logs
paquete multimedia - configuración de embalaje - etiquetado
configuración de reproducción personalizada multimedia etiquetada
grupo de subredes db de memoria etiquetado
mfa-enabled-for-iam-console-access
mq-active-broker-ldap-authentication
mq-active-deployment-mode
mq-active-single-instance-broker-storage-type-efs
mq-automatic-minor-version-upgrade-enabled
mq-auto-minor-version-upgrade-enabled
mq-broker-general-logging-enabled
mq-cloudwatch-audit-logging-enabled
mq-cloudwatch-audit-log-enabled
mq-no-public-access
mq-rabbit-deployment-mode
msk-cluster-public-access-disabled
msk-cluster-tagged
msk-connect-connector-logging-enabled
msk-enhanced-monitoring-enabled
msk-in-cluster-node-require-tls
msk-unrestricted-access-check
multi-region-cloudtrail-enabled
nacl-no-unrestricted-ssh-rdp
neptune-cluster-backup-retention-check
neptune-cluster-cloudwatch-log-export-enabled
neptune-cluster-copy-tags-to-snapshot-enabled
neptune-cluster-deletion-protection-enabled
neptune-cluster-encrypted
neptune-cluster-iam-database-authentication
neptune-cluster-multi-az-enabled
neptune-cluster-snapshot-encrypted
neptune-cluster-snapshot-iam-database-auth-enabled
neptune-cluster-snapshot-public-prohibited
netfw-deletion-protection-enabled
netfw-logging-enabled
netfw-multi-az-enabled
netfw-policy-default-action-fragment-packets
netfw-policy-default-action-full-packets
netfw-policy-rule-group-associated
netfw-stateless-rule-group-not-empty
netfw-subnet-change-protection-enabled
nlb-cross-zone-load-balancing-enabled
nlb-internal-scheme-check
nlb-listener-tagged
nlb-logging-enabled
nlb-tagged
no-unrestricted-route-to-igw
descripción de la colección opensearch serverless
recopilación sin servidor opensearch, réplicas en espera habilitadas
opensearch-access-control-enabled
opensearch-audit-logging-enabled
opensearch-data-node-fault-tolerance
opensearch-encrypted-at-rest
opensearch-https-required
opensearch-in-vpc-only
opensearch-logs-to-cloudwatch
opensearch-node-to-node-encryption-check
opensearch-primary-node-fault-tolerance
opensearch-update-check
paquete panorama-etiquetado
rabbit-mq-supported-version
rds-aurora-mysql-audit-logging-enabled
rds-aurora-postgresql-logs-to-cloudwatch
rds-automatic-minor-version-upgrade-enabled
rds-cluster-auto-minor-version-upgrade-enable
comprobación de retención de copias de seguridad en clúster rds-
rds-cluster-default-admin-check
rds-cluster-deletion-protection-enabled
rds-cluster-encrypted-at-rest
rds-cluster-iam-authentication-enabled
rds-cluster-multi-az-enabled
rds-db-security-group-not-allowed
rds-enhanced-monitoring-enabled
rds-event-subscription-tagged
rds-global-cluster-aurora-versión compatible con mysql
rds-instance-default-admin-check
rds-instance-deletion-protection-enabled
rds-instance-iam-authentication-enabled
rds-instance-public-access-check
rds-instance-subnet-igw-check
rds-in-backup-plan
rds-last-backup-recovery-point-created
rds-logging-enabled
rds-mariadb-instance-encrypted-in-transit
rds-meets-restore-time-target
rds-multi-az-support
rds-mysql-cluster-copy-tags-to-snapshot-check
rds-mysql-instance-encrypted-in-transit
rds-option-group-tagged
rds-pgsql-cluster-copy-tags-to-snapshot-check
rds-postgresql-logs-to-cloudwatch
rds-postgres-instance-encrypted-in-transit
rds-proxy-tls-encryption
rds-resources-protected-by-backup-plan
rds-snapshots-public-prohibited
rds-snapshot-encrypted
rds-sqlserver-encrypted-in-transit
rds-sql-server-logs-to-cloudwatch
rds-storage-encrypted
redshift-audit-logging-enabled
redshift-backup-enabled
redshift-cluster-configuration-check
redshift-cluster-kms-enabled
redshift-cluster-maintenancesettings-check
redshift-cluster-multi-az-enabled
redshift-cluster-parameter-group-tagged
redshift-cluster-public-access-check
redshift-cluster-subnet-group-multi-az
redshift-default-admin-check
redshift-default-db-name-check
redshift-enhanced-vpc-routing-enabled
redshift-require-tls-ssl
redshift-serverless-default-admin-check
redshift-serverless-default-db-name-check
redshift-serverless-namespace-cmk-encryption
redshift-serverless-publish-logs-to-cloudwatch
redshift-serverless-workgroup-encrypted-in-transit
redshift-serverless-workgroup-no-public-access
redshift-serverless-workgroup-routes-within-vpc
redshift-unrestricted-port-access
required-tags
aplicación etiquetada con resiliencehub
centro de resiliencia - política de resiliencia - etiquetado
restricted-common-ports
root-account-hardware-mfa-enabled
root-account-mfa-enabled
route53-health-check-tagged
route53-hosted-zone-tagged
route53-query-logging-enabled
route53: clúster de control de recuperación, etiquetado
ruta 53: lista para la recuperación, etiquetada con celdas
ruta 53: verificación de preparación para la recuperación, preparación para la recuperación, etiquetada
route53: lista para la recuperación, grupo de recuperación, etiquetada
route53: conjunto de recursos de preparación para la recuperación, etiquetado
route53-resolver-firewall-domain-list-tagged
route53-resolver-firewall-rule-group-association-tagged
route53-resolver-firewall-rule-group-tagged
route53-resolver-resolver-endpoint-tagged
route53-resolver-resolver-rule-tagged
rum-app-monitor-cloudwatch-logs-enabled
rum-app-monitor-tagged
s3express-dir-bucket-lifecycle-rules-check
s3-access-point-in-vpc-only
s3-access-point-public-access-blocks
s3-account-level-public-access-blocks
s3-account-level-public-access-blocks-periodic
s3-bucket-acl-prohibited
s3-bucket-blacklisted-actions-prohibited
s3-bucket-cross-region-replication-enabled
s3-bucket-default-lock-enabled
s3-bucket-level-public-access-prohibited
s3-bucket-logging-enabled
s3-bucket-mfa-delete-enabled
s3-bucket-policy-grantee-check
s3-bucket-policy-not-more-permissive
s3-bucket-public-read-prohibited
s3-bucket-public-write-prohibited
s3-bucket-replication-enabled
s3-bucket-server-side-encryption-enabled
s3-bucket-ssl-requests-only
s3-bucket-tagged
s3-bucket-versioning-enabled
s3-default-encryption-kms
s3-directory-bucket, ciclo de vida, política y regla, verificación
s3-event-notifications-enabled
s3-last-backup-recovery-point-created
s3-lifecycle-policy-check
s3-meets-restore-time-target
s3-resources-in-logically-air-gapped-vault
s3-resources-protected-by-backup-plan
s3-version-lifecycle-policy-check
sagemaker-app-image-config-tagged
trabajo de calidad de datos de sagemaker-encriptar en tránsito
sagemaker-datos-calidad-trabajo-isolación
sagemaker-domain-in-vpc
sagemaker-domain-tagged
sagemaker-endpoint-configuration-kms-key-configured
sagemaker-endpoint-config-prod-instance-count
descripción del grupo de funciones de sagemaker
sagemaker: grupo de funciones de cifrado en reposo
sagemaker-featuregroup-tienda en línea-encriptación
sagemaker-feature-group-tagged
sagemaker-image-description
sagemaker-image-tagged
experimento de inferencia de sagemaker etiquetado
sagemaker-model-bias-job-encrypt-in-transit
sagemaker-model-sesgo-job-isolation
sagemaker-model-explicabilidad-trabajo-encriptar-en-tránsito
sagemaker-model-in-vpc
sagemaker-model-isolation-enabled
registro privado del modelo sagemaker de varios contenedores
sagemaker-model-private-registro-requerido
sagemaker-model-quality-job-encriptar en tránsito
sagemaker-monitorización-planificación-aislamiento
sagemaker-notebook-instance-inside-vpc
sagemaker-notebook-instance-kms-key-configured
sagemaker-notebook-instance-platform-version
sagemaker-notebook-instance-root-access-check
sagemaker-notebook-no-direct-internet-access
secretsmanager-rotation-enabled-check
secretsmanager-scheduled-rotation-success-check
secretsmanager-secret-periodic-rotation
secretsmanager-secret-unused
secretsmanager-using-cmk
securityhub-enabled
security-account-information-provided
service-catalog-portfolio-tagged
service-catalog-shared-within-organization
service-vpc-endpoint-enabled
ses-malware-scanning-enabled
ses-sending-tls-required
shield-advanced-enabled-autorenew
shield-drt-access
firmante firmando perfil etiquetado
sns-encrypted-kms
sns-topic-message-delivery-notification-enabled
sns-topic-no-public-access
sqs-queue-dlq-check
sqs-queue-no-public-access
sqs-queue-policy-full-access-check
ssm-automation-block-public-sharing
ssm-automation-logging-enabled
ssm-document-not-public
ssm-document-tagged
stepfunctions-state-machine-tagged
step-functions-state-machine-logging-enabled
storagegateway-last-backup-recovery-point-created
storagegateway-resources-in-logically-air-gapped-vault
storagegateway-resources-protected-by-backup-plan
subnet-auto-assign-public-ip-disabled
transfer-agreement-description
transfer-agreement-tagged
transfer-certificate-description
transfer-certificate-tagged
verificación del algoritmo de cifrado del conector de transferencia como 2
conector de transferencia como verificación del algoritmo de firma 2-mdn
verificación del algoritmo de firma del conector de transferencia como 2
transfer-connector-logging-enabled
transfer-connector-tagged
transfer-family-server-no-ftp
transfer-profile-tagged
transfer-workflow-description
transfer-workflow-tagged
virtualmachine-last-backup-recovery-point-created
virtualmachine-resources-in-logically-air-gapped-vault
virtualmachine-resources-protected-by-backup-plan
vpc-default-security-group-closed
vpc-endpoint-enabled
vpc-flow-logs-enabled
vpc-network-acl-unused-check
vpc-peering-dns-resolution-check
vpc-sg-open-only-to-authorized-ports
vpc-sg-port-restriction-check
vpc-vpn-2-tunnels-up
wafv2-logging-enabled
wafv2-rulegroup-logging-enabled
wafv2-rulegroup-not-empty
wafv2-webacl-not-empty
waf-classic-logging-enabled
waf-global-rulegroup-not-empty
waf-global-rule-not-empty
waf-global-webacl-not-empty
waf-regional-rulegroup-not-empty
waf-regional-rule-not-empty
waf-regional-webacl-not-empty
workspaces-connection-alias-tagged
workspaces-root-volume-encryption-enabled
workspaces-user-volume-encryption-enabled
workspaces-workspace-tagged

Aviso JavaScript está desactivado o no está disponible en su navegador.

Para utilizar la documentación de AWS, debe estar habilitado JavaScript. Para obtener más información, consulte las páginas de ayuda de su navegador.

Convenciones del documento

Reglas administradas

access-keys-rotated

¿Le ha servido de ayuda esta página? - Sí

Gracias por hacernos saber que estamos haciendo un buen trabajo.

Si tiene un momento, díganos qué es lo que le ha gustado para que podamos seguir trabajando en esa línea.

¿Le ha servido de ayuda esta página? - No

Gracias por informarnos de que debemos trabajar en esta página. Lamentamos haberle defraudado.

Si tiene un momento, díganos cómo podemos mejorar la documentación.