检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Scenarios Function 03 Start After creating an ECS, you can log in to it and initialize data disks in multiple ways to start your ECS.
"tms:predefineTags:list" ], "Effect": "Allow" } ] } Special Permission Policy Certain CFW functions depend on cloud services such as Elastic Cloud Server (ECS) and Virtual Private Cloud (VPC).
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region. Regions are classified as universal regions and dedicated regions.
After an ECS initiates an outbound access request, the traffic is forwarded to the firewall through the enterprise router. The firewall blocks or allows the traffic based on SNAT protection rules, and forwards secure traffic to the enterprise router.
Case Handling process: Detect a fault -> Disable protection -> View logs -> Modify a policy -> Restore protection -> Confirm logs The network O&M personnel of a company found that an ECS cannot access the Internet through the bound EIP xx.xx.xx.94.
Cloud Eye Cloud Eye provides a comprehensive monitoring platform for resources such as the ECS and bandwidth. Cloud Eye monitors the metrics of CFW, so that you can understand the protection status of the service in a timely manner, and set protection policies accordingly.
Certain CFW functions depend on cloud services such as Elastic Cloud Server (ECS) and Virtual Private Cloud (VPC).
Protected objects Internet boundary VPC boundary SNAT scenario ECS Subnet Features Filtering by 5-tuple (source IP address, destination IP address, protocol, source port, and destination port) Filtering by geographical location, domain name, domain name group, and blacklist/whitelist
and NAT) bound to the EIP. device_name String Name of the device (such as ECS and NAT) bound to the EIP device_owner String Owner of the device (such as ECS and NAT) bound to the EIP. associate_instance_type String Type of the associated instance: NATGW, ELB, or PORT. fw_instance_name
Public services, such as Elastic Cloud Server (ECS), Elastic Volume Service (EVS), Object Storage Service (OBS), Virtual Private Cloud (VPC), Elastic IP (EIP), and Image Management Service (IMS), are shared within the same region.
NOTE: If your ECS is bound to an EIP, you need to specify the network segment when configuring the route. The value 0.0.0.0/0 is not allowed. 192.168.2.0/24 Attachment Type Select VPC.
