If a Resource Access Management (RAM) policy is enabled for File Storage NAS (NAS) file system access points, the evaluation result is Compliant.
Scenarios
Custom policies let you grant read and write permissions to different RAM users or RAM roles within the same account, or allow them to access file system resources by using the root account. This enables fine-grained, flexible permission management.
Risk level
Default risk level: medium.
You can change the risk level based on your business requirements when you apply this rule.
Compliance evaluation logic
If a RAM policy is enabled for NAS file system access points, the evaluation result is Compliant.
Rule details
|
Parameter |
Description |
|
Rule Template Name |
nas-filesystem-access-point-enabled-ram |
|
Rule Template Identifier |
|
|
Tag |
FileSystem |
|
Automatic remediation |
Not supported |
|
Invoke Type |
Periodic: Every 24 hours |
|
Supported resource type |
NAS file system (ACS::NAS::FileSystem) |
|
Input parameter |
N/A |
Non-compliance remediation
Enable a RAM policy for NAS file system access points. For more information, see Manage access points.