Access control overview

Last updated:2021-05-26 16:59:48

Server Load Balancing (SLB) supports access control for inbound traffic based on the protocol, IP address, traffic direction, and priority.


You can bind an ACL to listeners that have the same network traffic control requirements. By adding inbound rules that allow or deny certain data flows, you can precisely control which data flows go to the listeners. No control is applied to outbound traffic on listeners.

ACL rules

You can create ACLs and bind them to specific listeners. When you add rules to or remove rules from an ACL, the changes are automatically applied to the bound listeners.

An ACL rule consists of the following components:

  • Priority: The rule priority, in the range of 1 to 999. A rule with a smaller priority value is matched earlier. The system uses the first matching rule and ignores other higher-priority rules.
  • Protocol: IP
  • Behavior: Allow or deny
  • Source IP (in CIDR notation)

You can add a maximum of 200 rules to an ACL.


When you use an ACL, take note of the following restrictions:

  • An ACL can be associated with multiple listeners, but a listener can be associated with only one ACL.
  • Different ACL rules must have different priority values.
  • An ACL has inbound rules. Each rule has a priority, protocol type, source IP address, and behavior (allow or deny).
  • After creating an ACL, you must add at least one rule to it.

Did you find the above information helpful?

Mostly Unhelpful
A little helpful
Very helpful

What might be the problems?

Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions


Please give us your feedback.


Thank you for your feedback.