DDS Instances Should Not Use EPIs
Rule Details
Parameter |
Description |
---|---|
Rule Name |
dds-instance-has-eip |
Identifier |
DDS Instances Should Not Use EPIs |
Description |
If a DDS instance has an EIP attached, this instance is non-compliant. |
Tag |
dds |
Trigger Type |
Configuration change |
Filter Type |
dds.instances |
Rule Parameters |
None |
Application Scenarios
DDS instances should not be deployed on the Internet or in a DMZ. Instead, they should be deployed on the internal network of your company. Use routers or firewalls to protect them and do not bind EIPs to your DDS instances. This prevents unauthorized access and DDoS attacks. If your DDS instances must access public net work through EIPs, you must set security groups. For details, see Security Best Practices.
Solution
Do not allow public network connection to your instances. Refer to Connection Methods for other connection methods.
Rule Logic
- If a DDS instance has an EIP attached, this instance is non-compliant.
- If a DDS instance does not have an EIP attached, this instance is compliant.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot