tencent cloud

Config

DocumentationConfigOperation GuideRuleList of Managed RuleAccess to All Ports by Security Group Not Allowed

Access to All Ports by Security Group Not Allowed

PDF
Focus Mode
Font Size
Last updated: 2024-02-29 11:02:54
Rule purpose: Check whether the port range value is set to All when rules involving all network segments are configured.
Compliance evaluation logic: When the security group has set rules covering all network segments (0.0.0.0/0 or ::/0), the port range value cannot be set to ALL. If no such rules are set, the port range value can be ALL. The evaluation result is "compliant" if the above conditions are met.
Rule Identifier: cvm-sg-no-remote-access
Risk Level: High
Applicable Resource Type: QCS::VPC::SecurityGroup
Rule trigger type: Configuration change
Keyword: Security Group
Rule parameter: None
Previous Topic: Access to Remote Risky Ports by Security Group Not AllowedNext Topic: CBS Disk Enabled Arrear Protection

Help and Support

Was this page helpful?

Help us improve! Rate your documentation experience in 5 mins.

Feedback