If the scaling configurations do not specify that IPv4 addresses can be assigned to Elastic Compute Service (ECS) instances, the evaluation result is Compliant.
Scenarios
If you select the Assign Public IP Address option for the Public IP Address parameter in the scaling configurations, an IPv4 address is automatically assigned to the ECS instance when you create the ECS instance. If an ECS instance needs to access the Internet or be accessed over the Internet, we recommend that you deploy the ECS instance in a virtual private cloud (VPC) and use Server Load Balancer (SLB) and NAT Gateway to manage Internet traffic of the ECS instance.
Risk level
Default risk level: medium.
When you apply this rule, you can change the risk level based on your business requirements.
Compliance evaluation logic
- If the scaling configurations do not specify that IPv4 addresses can be assigned to ECS instances, the evaluation result is Compliant.
- If the scaling configurations specify that IPv4 addresses can be assigned to ECS instances, the evaluation result is Non-compliant. For information about how to remediate a non-compliant configuration, see Non-compliance remediation.
Rule details
| Item | Description |
|---|---|
| Rule name | ess-scaling-configuration-enabled-internet-check |
| Rule identifier | ess-scaling-configuration-enabled-internet-check |
| Tag | ESS and ScalingConfiguration |
| Automatic remediation | Not supported |
| Trigger type | Configuration change |
| Supported resource type | Scaling configuration |
| Input parameter | None |
Non-compliance remediation
Deselect the Assign Public IP Address option for the Public IP Address parameter in the scaling configurations. For more information, see Modify a scaling configuration.