Updated on 2025-08-25 GMT+08:00

DDS Instances Should Not Use EPIs

Rule Details

Table 1 Rule details

Parameter

Description

Rule Name

dds-instance-has-eip

Identifier

DDS Instances Should Not Use EPIs

Description

If a DDS instance has an EIP attached, this instance is non-compliant.

Tag

dds

Trigger Type

Configuration change

Filter Type

dds.instances

Rule Parameters

None

Application Scenarios

DDS instances should not be deployed on the Internet or in a DMZ. Instead, they should be deployed on the internal network of your company. Use routers or firewalls to protect them and do not bind EIPs to your DDS instances. This prevents unauthorized access and DDoS attacks. If your DDS instances must access public net work through EIPs, you must set security groups. For details, see Security Best Practices.

Solution

Do not allow public network connection to your instances. Refer to Connection Methods for other connection methods.

Rule Logic

  • If a DDS instance has an EIP attached, this instance is non-compliant.
  • If a DDS instance does not have an EIP attached, this instance is compliant.