ALB ACL Does Not Allow Public Access

ID: rule:aliyun:alb-acl-public-access-check
Severity: high
IaC Types: ROS, Terraform

Description

Ensures that ALB access control lists do not contain 0.0.0.0/0 (allowing all IPs).

Reason for Violation

Setting the ACL to 0.0.0.0/0 allows any IP to access the load balancer, significantly increasing security risks.

Recommendation

Restrict the ACL to specific IP ranges instead of allowing all IPs.

Resource Types

  • ROS: ALIYUN::ALB::Acl
  • Terraform: alicloud_alb_acl