All Products
Search
Document Center

Tablestore:Network security

Last Updated:Apr 24, 2024

Tablestore allows you to use virtual private clouds (VPCs) to isolate networks. This improves the resource access security.

By default, Tablestore allows unrestricted access over all networks. In this case, you can configure a network access control list (ACL) for a Tablestore instance. This way, you can restrict the types of networks from which users can access the Tablestore instance. This ensures network access security. For more information, see Network ACL and Network security management.

Tablestore supports different combinations of network types to meet different network security requirements.

Note

By default, Tablestore creates a public endpoint, a VPC endpoint, and a classic network endpoint for each Tablestore instance. For more information, see Endpoints.

Network type

Description

All networks

The instance can be accessed over all networks. For example, you can use the public endpoint, classic network endpoint, VPC endpoint, or Tablestore console to access the instance.

Tablestore console and VPCs

The instance can be accessed only from the Tablestore console or over the bound VPCs. This method isolates your instance from networks outside your VPCs. You cannot access the instance over the Internet or the classic network.

Important

Before you select this network type for an instance, make sure that your business does not require access over the Internet or the classic network.

VPCs

The instance can be accessed only over the bound VPCs. You cannot access the instance over the Internet, the classic network, or from the Tablestore console. In addition, you cannot access resources of the instance from the Tablestore console. This provides better network isolation.

Important

Before you select this network type for an instance, make sure that your business does not require access over the Internet or the classic network, or from the Tablestore console.