ESS Scaling Configuration Security Group Public Access

ID: rule:aliyun:ess-scaling-configuration-sg-public-access
Severity: high

Description

ESS scaling configuration security groups should not allow access from 0.0.0.0/0 to prevent unauthorized access.

Reason for Violation

The ESS scaling configuration's security group allows access from 0.0.0.0/0, which may expose instances to the public internet.

Recommendation

Restrict security group rules to specific IP ranges instead of 0.0.0.0/0.

Resource Types

• ALIYUN::ESS::ScalingConfiguration