Updated on 2024-11-06 GMT+08:00

Overview

SecMaster provides policy management for you to manage and maintain tasks across accounts and resources. With this function, you can view all policies centrally, manage policies for seven defense lines manually, and query manual and automatic block records quickly.

Limitations and Constraints

  • Currently, the emergency policies include only the blacklist policies of CFW, WAF, VPC security groups and IAM.
  • A maximum of 300 emergency policies that support block aging can be added for a single workspace you have. A maximum of 1,300 emergency policies can be added for a single workspace you have. Limits on blocked objects at a time are as follows:
    • When a policy needs to be delivered to CFW, each time a maximum of 50 IP addresses can be added as blocked objects for each account.
    • When a policy needs to be delivered to WAF, each time a maximum of 50 IP addresses can be added as blocked objects for each account.
    • When a policy needs to be delivered to VPC, each time a maximum of 20 IP addresses can be added as blocked objects within 1 minute for each account.
    • When a policy needs to be delivered to IAM, each time a maximum of 50 IAM users can be added as blocked objects for each account.
  • If an IP address or IP address range or an IAM user is added to the blacklist, CFW, WAF, VPC, and IAM will block requests from that IP address or user without checking whether the requests are malicious.