This rule checks whether SQL audit logs are enabled for database instances in Database Autonomy Service (DAS). Instances with SQL audit logs enabled are considered compliant.
Threat level
Default threat level: Medium.
You can change the threat level when you use this rule.
Detection logic
-
A database instance with SQL audit logs enabled is considered compliant.
Rule details
|
Parameter |
Description |
|
Rule name |
Enable SQL audit logs for database instances in DAS |
|
Rule identifier |
|
|
Tags |
RDS,Instance |
|
Automatic remediation |
Not supported |
|
Rule trigger |
Configuration change |
|
Supported resource types |
ACS::RDS::DBInstance, ACS::PolarDB::DBCluster, ACS::DRDS::DBInstance, ACS::DRDS::PolarDBXInstance |
|
Input parameters |
None |
Remediation
To remediate non-compliant resources, see SQL Explorer.
该文章对您有帮助吗?