ESS Scaling Configuration Security Group Public Access
ID: rule:aliyun:ess-scaling-configuration-sg-public-access
Severity: high
IaC Types: ROS, Terraform
Description
ESS scaling configuration security groups should not allow access from 0.0.0.0/0 to prevent unauthorized access.
Reason for Violation
The ESS scaling configuration's security group allows access from 0.0.0.0/0, which may expose instances to the public internet.
Recommendation
Restrict security group rules to specific IP ranges instead of 0.0.0.0/0.
Resource Types
- ROS:
ALIYUN::ESS::ScalingConfiguration - Terraform:
alicloud_ess_scaling_configuration - Terraform:
alicloud_security_group_rule - Terraform:
alicloud_security_group_rules