Help Center/ Config/ User Guide/ Resource Compliance/ Built-In Policies/ API Gateway/ EIP Bound to a Dedicated API Gateway

Updated on 2025-08-25 GMT+08:00

View PDF

EIP Bound to a Dedicated API Gateway

Rule Details

**Table 1** Rule details
Parameter	Description
Rule Name	apig-instances-no-public-ip-check
Identifier	EIP Bound to a Dedicated API Gateway
Description	If a dedicated API gateway instance has an EIP bound, this instance is non-compliant.
Tag	apig
Trigger Type	Configuration change
Filter Type	apig.instances
Rule Parameters	None

Application Scenarios

Binding an EIP to an API gateway instance allows direct access, which means that the backend service is exposed to threats from the public network.

Solution

Call the API to unbind the EIP, and use WAF to protect your API gateway instances.

Rule Logic

If a dedicated API gateway instance has an EIP bound, this instance is non-compliant.
If no EIP is bound to a dedicated API gateway instance, this instance is compliant.

Parent topic: API Gateway

Previous topic: Dedicated API Gateway Deployed in Multiple AZs

Next topic: CodeArts Deploy

Feedback

Was this page helpful?

Helpful Not helpful

Provide feedback

Thank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.

The system is busy. Please try again later.

Which of the following issues have you encountered?

Content is inconsistent with the product UI

Unclear descriptions

Lack of examples or code

Incorrect steps

Can't find what I need

Lack of best practices

Feedback (optional)

0/500

Select at least one type of issue, and enter your comments or suggestions.

Enter a maximum of 500 characters.

Submit Cancel

For any further questions, feel free to contact us through the chatbot.