DWS Clusters Should Not Use EIPs
Rule Details
Parameter | Description |
---|---|
Rule Name | dws-clusters-no-public-ip |
Identifier | DWS Clusters Should Not Use EIPs |
Description | If a GaussDB(DWS) cluster has an EIP bound, this cluster is non-compliant. |
Tag | dws |
Trigger Type | Configuration change |
Filter Type | dws.clusters |
Rule Parameters | None |
Application Scenarios
Do not expose GaussDB(DWS) clusters to the public network. Exposing a cluster may cause the following problems:
- Unauthorized access: Public network access increases the risk of database exposure, which may be exploited by malicious users.
- Data leakage: Attackers may steal sensitive data, such as user information or financial data.
- Data tampering: Attackers may tamper with data through public network access, affecting data integrity.
- Network latency: Public network access is usually slower than intranet access, affecting the database response speed.
- Attack target: Public network access makes databases more vulnerable to DDoS attacks, which may interrupt services.
Solution
Do not bind an EIP to your GaussDB(DWS) cluster when creating it. If an EIP has been bound, unbind it.
Rule Logic
- If no EIP is bound to your GaussDB(DWS) cluster, this cluster is compliant.
- If an EIP is bound to your GaussDB(DWS) cluster, this cluster is non-compliant.