NAS Mount Target Access Group Check
ID: rule:aliyun:nas-filesystem-mount-target-access-group-check
Severity: medium
IaC Types: ROS, Terraform
Description
Ensures that NAS mount targets do not use the default VPC access group (DEFAULT_VPC_GROUP_NAME).
Reason for Violation
The NAS mount target uses the default VPC access group, which may have overly permissive settings.
Recommendation
Create and assign a custom access group with appropriate access rules instead of using DEFAULT_VPC_GROUP_NAME.
Resource Types
- ROS:
ALIYUN::NAS::MountTarget - Terraform:
alicloud_nas_mount_target