CSS Clusters Have Access Control Enabled
Rule Details
|
Parameter |
Description |
|---|---|
|
Rule Name |
css-cluster-not-enable-white-list |
|
Identifier |
css-cluster-not-enable-white-list |
|
Description |
If a CSS cluster does not have access control enabled, this cluster is noncompliant. |
|
Tag |
css |
|
Trigger Type |
Configuration change |
|
Filter Type |
css.clusters |
|
Configure Rule Parameters |
None |
Applicable Scenario
If a CSS cluster has access control disabled, it is publically accessible by all IP addresses. If the access control is enabled, it is only accessible by whitelisted IP addresses over public networks. For details, see Configuring Public Network Access.
Solution
You can enable access control for noncompliant CSS clusters and configure an IP address white list to allow public access.
Rule Logic
- If a CSS cluster does not have pubic access enabled, this cluster is compliant.
- If a CSS cluster has public access enabled but does not have access control enabled, this cluster is noncompliant.
- If a CSS cluster has both public access and access control enabled, this cluster is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
