If DDoS attacks are detected, the security system of RDS enables traffic cleaning first. If traffic cleaning fails or the attacks reach the blackhole threshold, blackhole filtering is triggered.
- IP addresses can access RDS only after you add them to the whitelist. IP addresses that are not in the whitelist cannot access RDS.
- Each account can only view and operate its own databases.
For more information, see access control.
- RDS is protected by multiple firewall layers that block various network attacks and ensure data security.
- Direct logon to the RDS server is not allowed. Only the ports required by certain database services are open.
- RDS servers cannot initiate an external connection. It can only accept access requests.
For more information, see Network isolation.
Professional security team
Aliabab Cloud security team is responsible for ensuring the security of RDS.