MRS Clusters Have Specified Security Groups Attached

Rule Details

Application Scenarios

A security group is a collection of access control rules for MRS clusters that have the same security requirements and are mutually trusted. You can define different access control rules for a security group, and these rules take effect for all MRS clusters added to this security group. Security groups control the network traffic to and from MRS clusters in the following ways:

• Traffic filtering: You can configure security group rules to allow or deny traffic from specific IP addresses or IP address ranges. This helps prevent traffic from known malicious IP addresses.
• Port control: By specifying allowed ports, security groups can prevent access to idle or insecure services.
• Protocol restriction: Security groups can also control traffic based on different network protocols (such as TCP and UDP). This is useful for ensuring that only necessary communication types are allowed.
• Inbound and outbound rules: Inbound rules control which traffic can enter a cluster, while outbound rules control where the cluster can send data. This bidirectional control provides more comprehensive security protection.

Solution

Add your MRS cluster to a proper security group.

Rule Logic

• If your MRS cluster is not added to any specified security groups, this cluster is non-compliant.
• If your MRS cluster is added to a specified security group, this cluster compliant.