2026-02-06 03:34:50 +08:00
|
|
|
|
<template>
|
|
|
|
|
|
<div class="best-practices-demo">
|
|
|
|
|
|
<div class="demo-header">
|
2026-02-14 12:14:07 +08:00
|
|
|
|
<span class="icon">✅</span>
|
|
|
|
|
|
<span class="title">权限管理最佳实践</span>
|
2026-02-14 20:23:34 +08:00
|
|
|
|
<span class="subtitle">按优先级实施安全措施</span>
|
2026-02-06 03:34:50 +08:00
|
|
|
|
</div>
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
<div class="practices-list">
|
|
|
|
|
|
<div
|
|
|
|
|
|
v-for="(practice, index) in bestPractices"
|
|
|
|
|
|
:key="index"
|
|
|
|
|
|
class="practice-item"
|
|
|
|
|
|
:class="{ active: expandedCard === index }"
|
|
|
|
|
|
@click="toggleCard(index)"
|
|
|
|
|
|
>
|
|
|
|
|
|
<div class="item-header">
|
|
|
|
|
|
<span class="item-icon">{{ practice.icon }}</span>
|
|
|
|
|
|
<span class="item-title">{{ practice.title }}</span>
|
2026-02-18 17:38:10 +08:00
|
|
|
|
<span
|
|
|
|
|
|
class="item-priority"
|
|
|
|
|
|
:class="practice.priority"
|
|
|
|
|
|
>{{ practice.priorityText }}</span>
|
2026-02-14 20:23:34 +08:00
|
|
|
|
</div>
|
2026-02-18 17:38:10 +08:00
|
|
|
|
<div
|
|
|
|
|
|
v-if="expandedCard === index"
|
|
|
|
|
|
class="item-body"
|
|
|
|
|
|
>
|
|
|
|
|
|
<p class="item-desc">
|
|
|
|
|
|
{{ practice.description }}
|
|
|
|
|
|
</p>
|
2026-02-14 20:23:34 +08:00
|
|
|
|
<div class="item-checks">
|
2026-02-18 17:38:10 +08:00
|
|
|
|
<span
|
|
|
|
|
|
v-for="(item, i) in practice.checklist.slice(0, 3)"
|
|
|
|
|
|
:key="i"
|
|
|
|
|
|
class="check-tag"
|
|
|
|
|
|
>✓ {{ item }}</span>
|
2026-02-06 03:34:50 +08:00
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
|
|
|
|
|
</div>
|
2026-02-13 22:10:03 +08:00
|
|
|
|
|
|
|
|
|
|
<div class="info-box">
|
2026-02-14 12:14:07 +08:00
|
|
|
|
<span class="icon">💡</span>
|
2026-02-14 20:23:34 +08:00
|
|
|
|
<strong>核心思想:</strong>按照优先级从 P0 开始逐步实施。每个改进都能显著提升账号安全性。
|
2026-02-13 22:10:03 +08:00
|
|
|
|
</div>
|
2026-02-06 03:34:50 +08:00
|
|
|
|
</div>
|
|
|
|
|
|
</template>
|
|
|
|
|
|
|
|
|
|
|
|
<script setup>
|
|
|
|
|
|
import { ref } from 'vue'
|
|
|
|
|
|
|
|
|
|
|
|
const expandedCard = ref(0)
|
|
|
|
|
|
|
|
|
|
|
|
const bestPractices = [
|
|
|
|
|
|
{
|
|
|
|
|
|
icon: '👑',
|
|
|
|
|
|
title: '根账号保护',
|
|
|
|
|
|
priority: 'p0',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
priorityText: 'P0',
|
|
|
|
|
|
description: '根账号是云服务的所有者,必须实施最高级别的保护。',
|
|
|
|
|
|
checklist: ['启用 MFA', '创建 IAM 管理员用户', '删除根账号访问密钥']
|
2026-02-06 03:34:50 +08:00
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
icon: '👤',
|
|
|
|
|
|
title: '用户权限最小化',
|
|
|
|
|
|
priority: 'p0',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
priorityText: 'P0',
|
2026-02-06 03:34:50 +08:00
|
|
|
|
description: '遵循最小权限原则,只授予用户完成工作所需的最低权限。',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
checklist: ['避免全权限策略', '使用用户组管理', '定期审查用户']
|
2026-02-06 03:34:50 +08:00
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
icon: '🎭',
|
|
|
|
|
|
title: '优先使用 IAM 角色',
|
|
|
|
|
|
priority: 'p1',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
priorityText: 'P1',
|
|
|
|
|
|
description: 'IAM 角色没有长期凭证,通过临时凭证访问,降低泄露风险。',
|
|
|
|
|
|
checklist: ['EC2 使用实例角色', 'Lambda 使用执行角色', '跨账号用 AssumeRole']
|
2026-02-06 03:34:50 +08:00
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
icon: '🔑',
|
|
|
|
|
|
title: '访问密钥安全管理',
|
|
|
|
|
|
priority: 'p1',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
priorityText: 'P1',
|
|
|
|
|
|
description: '如果必须使用 AK/SK,需要实施严格的安全管理措施。',
|
|
|
|
|
|
checklist: ['不硬编码凭证', '使用密钥管理服务', '定期轮换密钥']
|
2026-02-06 03:34:50 +08:00
|
|
|
|
},
|
|
|
|
|
|
{
|
|
|
|
|
|
icon: '📊',
|
|
|
|
|
|
title: '监控与审计',
|
|
|
|
|
|
priority: 'p2',
|
2026-02-14 20:23:34 +08:00
|
|
|
|
priorityText: 'P2',
|
|
|
|
|
|
description: '建立全面的监控和审计机制,及时发现安全事件。',
|
|
|
|
|
|
checklist: ['启用 CloudTrail', '配置关键操作告警', '定期审查权限']
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
]
|
|
|
|
|
|
|
|
|
|
|
|
function toggleCard(index) {
|
|
|
|
|
|
expandedCard.value = expandedCard.value === index ? null : index
|
|
|
|
|
|
}
|
|
|
|
|
|
</script>
|
|
|
|
|
|
|
|
|
|
|
|
<style scoped>
|
|
|
|
|
|
.best-practices-demo {
|
2026-02-13 22:10:03 +08:00
|
|
|
|
border: 1px solid var(--vp-c-divider);
|
|
|
|
|
|
background: var(--vp-c-bg-soft);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
border-radius: 6px;
|
|
|
|
|
|
padding: 0.75rem;
|
|
|
|
|
|
margin: 0.5rem 0;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
.demo-header {
|
2026-02-14 20:23:34 +08:00
|
|
|
|
display: flex;
|
|
|
|
|
|
align-items: center;
|
|
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
|
margin-bottom: 0.75rem;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.demo-header .icon { font-size: 1.25rem; }
|
|
|
|
|
|
.demo-header .title { font-weight: bold; font-size: 1rem; }
|
|
|
|
|
|
.demo-header .subtitle { color: var(--vp-c-text-2); font-size: 0.85rem; margin-left: 0.5rem; }
|
2026-02-13 22:10:03 +08:00
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.practices-list {
|
|
|
|
|
|
display: flex;
|
|
|
|
|
|
flex-direction: column;
|
|
|
|
|
|
gap: 0.4rem;
|
|
|
|
|
|
margin-bottom: 0.75rem;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.practice-item {
|
2026-02-13 22:10:03 +08:00
|
|
|
|
background: var(--vp-c-bg);
|
|
|
|
|
|
border: 1px solid var(--vp-c-divider);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
border-radius: 6px;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
cursor: pointer;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
transition: all 0.2s;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.practice-item:hover { border-color: var(--vp-c-brand); }
|
|
|
|
|
|
.practice-item.active {
|
2026-02-13 22:10:03 +08:00
|
|
|
|
border-color: var(--vp-c-brand);
|
|
|
|
|
|
background: var(--vp-c-bg-alt);
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-header {
|
2026-02-06 03:34:50 +08:00
|
|
|
|
display: flex;
|
|
|
|
|
|
align-items: center;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
gap: 0.5rem;
|
|
|
|
|
|
padding: 0.6rem;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-icon { font-size: 1rem; }
|
|
|
|
|
|
.item-title { font-weight: 600; font-size: 0.85rem; flex: 1; }
|
2026-02-06 03:34:50 +08:00
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-priority {
|
|
|
|
|
|
font-size: 0.65rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
font-weight: 700;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
padding: 0.15rem 0.4rem;
|
|
|
|
|
|
border-radius: 3px;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-priority.p0 { background: var(--vp-c-danger); color: #fff; }
|
|
|
|
|
|
.item-priority.p1 { background: var(--vp-c-warning); color: #fff; }
|
|
|
|
|
|
.item-priority.p2 { background: var(--vp-c-brand-soft); color: var(--vp-c-brand-1); }
|
2026-02-06 03:34:50 +08:00
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-body {
|
|
|
|
|
|
padding: 0 0.6rem 0.6rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
border-top: 1px solid var(--vp-c-divider);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
margin-top: 0;
|
|
|
|
|
|
padding-top: 0.5rem;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-desc {
|
2026-02-06 03:34:50 +08:00
|
|
|
|
font-size: 0.8rem;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
color: var(--vp-c-text-2);
|
|
|
|
|
|
margin: 0 0 0.5rem;
|
|
|
|
|
|
line-height: 1.4;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.item-checks {
|
2026-02-06 03:34:50 +08:00
|
|
|
|
display: flex;
|
|
|
|
|
|
flex-wrap: wrap;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
gap: 0.3rem;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.check-tag {
|
|
|
|
|
|
font-size: 0.7rem;
|
|
|
|
|
|
padding: 0.15rem 0.4rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
background: var(--vp-c-brand-soft);
|
|
|
|
|
|
color: var(--vp-c-brand-1);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
border-radius: 3px;
|
2026-02-06 03:34:50 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-13 22:10:03 +08:00
|
|
|
|
.info-box {
|
|
|
|
|
|
background: var(--vp-c-bg-alt);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
padding: 0.6rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
border-radius: 6px;
|
2026-02-14 20:23:34 +08:00
|
|
|
|
font-size: 0.85rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
color: var(--vp-c-text-2);
|
2026-02-14 20:23:34 +08:00
|
|
|
|
display: flex;
|
|
|
|
|
|
gap: 0.25rem;
|
2026-02-13 22:10:03 +08:00
|
|
|
|
}
|
|
|
|
|
|
|
2026-02-14 20:23:34 +08:00
|
|
|
|
.info-box .icon { flex-shrink: 0; }
|
|
|
|
|
|
.info-box strong { color: var(--vp-c-text-1); }
|
2026-02-06 03:34:50 +08:00
|
|
|
|
</style>
|
