These rules help you evaluate the security of your cloud services without affecting other Huawei Cloud customers or the infrastructure of Huawei Cloud.

Any penetration test that does not comply with these rules is considered unauthorized. We reserve the right to pursue legal action for such unauthorized penetration testing.

These rules apply only to customers who have purchased cloud services from Huawei Cloud. It does not include products or services in Huawei Cloud KooGallery.

1. Perform any type of DoS or DDoS tests.

2. Perform automatic tests that may generate heavy traffic.

3. Perform ARP spoofing, DNS hijacking, or poisoning attacks.

4. Scan or test the data or other assets of other Huawei Cloud customers.

5. Launch phishing or other social engineering attacks against Huawei employees.

6. Perform any penetration testing on Huawei Cloud infrastructure and public services, including the official website, IAM, NTP, and DNS.

You can perform security evaluation and penetration testing on your service systems deployed on Huawei Cloud and the Huawei Cloud service instances you purchase at any time.

Product security is very important to Huawei Cloud. If you suspect that there are security vulnerabilities in the Huawei Cloud website, products, or services, contact us via channels and security mechanism we provide on the following page: https://www.huaweicloud.com/eu/securecenter/security.html