Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ Bare Metal Server/ BMS Instances Should Not Be Publicly Accessible

Updated on 2025-12-04 GMT+08:00

View PDF

BMS Instances Should Not Be Publicly Accessible

Rule Details

**Table 1** Rule details
Parameter	Description
Rule Name	bms-instance-no-public-ip
Identifier	BMS Instances Should Not Be Publicly Accessible
Description	If a BMS instance has an EIP attached, this instance is non-compliant.
Tag	bms
Trigger Type	Configuration change
Filter Type	bms.servers
Rule Parameters	None

Application Scenarios

Huawei Cloud BMSs may contain sensitive information. If your services do not need to interact with the public network, do not expose BMSs to the public network.

Solution

Check whether your BMSs require EIPs. If it is not necessary, unbind an EIP from a BMS.

If you need public network access, use alternatives such as load balancers, NAT gateways, and VPNs. They can meet your network requirements while reducing costs and risks.

Rule Logic

If a BMS has an EIP attached, this instance is non-compliant.
If a BMS does not have an EIP attached, this instance is compliant.

Parent topic: Bare Metal Server

Previous topic: BMS Instances Are in the Specified VPC

Next topic: Graph Engine Service

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.