Kafka Instance Public Access Check
ID: rule:aliyun:kafka-instance-public-access-check
Severity: high
IaC Types: ROS, Terraform
Description
Kafka instances should not be deployed with public access (deploy_type 5). Use VPC-only deployment (deploy_type 4) to restrict access to internal networks.
Reason for Violation
The Kafka instance is deployed with public access enabled (deploy_type = 5), exposing it to the internet.
Recommendation
Set deploy_type to 4 (VPC only) to disable public access and restrict the Kafka instance to internal network access.
Resource Types
- ROS: ALIYUN::KAFKA::Instance
- Terraform: alicloud_alikafka_instance