Skip to main content

ESS Scaling Configuration Internet Access Check

ID: rule:aliyun:ess-scaling-configuration-enabled-internet-check
Severity: medium
IaC Types: ROS, Terraform

Description

ESS scaling configurations should not enable public bandwidth for instances unless necessary.

Reason for Violation

Enabling public bandwidth for scaling instances increases the attack surface.

Recommendation

Keep internet_max_bandwidth_out at 0 and use NAT or load balancers for internet access.

Resource Types

ROS: ALIYUN::ESS::ScalingConfiguration
Terraform: alicloud_ess_scaling_configuration

Description
Reason for Violation
Recommendation
Resource Types