Access control-Documentation-Kingsoft Cloud

You can bind an ACL to listeners that have the same network traffic control requirements. By adding inbound rules that allow or deny certain data flows, you can precisely control which data flows go to the listeners. No control is applied to outbound traffic on listeners.

ACL rules

You can create ACLs and bind them to specific listeners. When you add rules to or remove rules from an ACL, the changes are automatically applied to the bound listeners.

An ACL rule consists of the following components:

Priority: The rule priority, in the range of 1 to 999. A rule with a smaller priority value is matched earlier. The system uses the first matching rule and ignores other higher-priority rules.
Protocol: IP
Behavior: Allow or deny
Source IP (in CIDR notation)

You can add a maximum of 200 rules to an ACL.

Restrictions

When you use an ACL, take note of the following restrictions:

An ACL can be associated with multiple listeners, but a listener can be associated with only one ACL.
Different ACL rules must have different priority values.
An ACL has inbound rules. Each rule has a priority, protocol type, source IP address, and behavior (allow or deny).
After creating an ACL, you must add at least one rule to it.

On this page

Previous:Access Control

Next:Configure access control

Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen

Compute

Cloud Monitor

Compliance

Networking

Security

Storage&CDN

Database

Legal

ActionTrail

Video Services

Data Analysis

Account Management

Access control overview

Scenarios

ACL rules

Restrictions