Overview
Global Accelerator supports setting the security access policies to control public network access permissions for acceleration instances, improving the security of network access. You can restrict access to traffic through the source IP address, protocol, and port.
Global Accelerator does not control the client traffic by default. You need to enable this feature on the access control tab.
To enable the feature, you need to select the default handling policy, allow or deny all traffic to enter the Global Accelerator instance, and use the access rules for further control.
Creating an Access Control Policy
Prerequisites
You have completed the creation of a Global Accelerator instance.
Creating Access Control Policy
2. On the instance list page, click the target Instance ID and go to the instance details page.
3. Click Access Control on the listener tab and go to the access control configuration page.
4. Click Create Now and select the default handling policy to complete the creation of the access control policy.
5. Click the switch on the right of the control policy to enable the control policy.
Creating an Access Rule
2. On the instance list page, click the target Instance ID and go to the instance details page.
3. Click Access Control on the listener tab and go to the access control configuration page.
4. Click Add Rules and configure the access rules in the pop-up window.
Configuration Item | Description |
Source IP address | The client traffic source IP address. The source can be in the following formats. Single IP address: 192.168.0.1 CIDR: 192.168.1.0/24 |
Protocol | The client source protocol. It can be TCP or UDP. |
Protocol Port | The source protocol port. It can be in the following formats. Single port: 80 Multiple ports: 80,443 Port range: 3306-20000 All ports: ALL |
Policy | Allow: Global Accelerator will allow traffic that hits the rules. Deny: Global Accelerator will deny access to traffic that hits the rules. |
Remarks | Rule remarks. It is not required. |
5. Click Confirm to complete the configuration of the rules.
Editing Rules
2. On the instance list page, click the target Instance ID and go to the instance details page.
3. Click Access Control on the listener tab and go to the access control configuration page.
4. On the right side of an existing rule, click Edit.
5. Complete the corresponding configuration in the pop-up window and click Confirm to complete the editing.
Deleting Rules
2. On the instance list page, click the target Instance ID and go to the instance details page.
3. Click Access Control on the listener tab and go to the access control configuration page.
4. Select the rule to be deleted and click Delete Rule.
5. Click Confirm in the pop-up window to complete the deletion.
Deleting an Access Control Policy
2. On the instance list page, click the target Instance ID and go to the instance details page.
3. Click Access Control on the listener tab and go to the access control configuration page.
4. Click Delete Security Control Policy and click Confirm in the pop-up window to complete the deletion.
Note:
After the policy is deleted, all access rules will be correspondingly deleted, and Global Accelerator will no longer perform access control on the business. Fully confirm the impact before proceeding.