All Products
Search
Document Center

PrivateLink:Access control for PrivateLink

Last Updated:Mar 08, 2024

To ensure the data security of your resources, you can authorize specific users to access your resources by using service whitelists and endpoint security groups.

Add Alibaba Cloud account IDs to a service whitelist

After an endpoint service is created, the Alibaba Cloud account ID of the service owner is automatically added to the service whitelist of the endpoint service. Users whose Alibaba Cloud account IDs are in the service whitelist of the endpoint service can query the endpoint service and create endpoints to connect to the endpoint service. If you want a virtual private cloud (VPC) that belongs to another Alibaba Cloud account to access the endpoint service, you must add the ID of the Alibaba Cloud account to the service whitelist of the endpoint service. For more information, see Manage account IDs in the whitelist of an endpoint service.

Related API operations

Associate an endpoint with a security group

After you create an endpoint for a VPC, you can associate the endpoint with a security group. The security group can control the traffic between the VPC and the elastic network interface (ENI) of the endpoint. If you no longer need the security group, you can remove the endpoint from the security group. For more information, see Manage security groups.

Related API operations