This topic describes how to switch to the enhanced whitelist mode for an RDS for MariaDB instance.

Note Currently the enhanced whitelist mode is unavailable due to a network link upgrade. Notifications are given when the enhanced whitelist mode is available.

IP whitelist modes

ApsaraDB for RDS instances provide the following two IP whitelist modes:

  • Standard whitelist mode

    In this mode, the IP addresses in the whitelist do not distinguish between the classic network and VPCs. The IP addresses in the whitelist can access the RDS instance both in the classic network and VPCs. We recommend that you switch from the standard whitelist to the enhanced whitelist.


    通用模式
  • Enhanced whitelist mode
    In this mode, the whitelist is classified into two IP whitelist groups by network type: the classic-network whitelist group and the VPC whitelist group. When you create an IP whitelist, you must specify a network type.
    高安全模式

Changes after switching to the enhanced whitelist mode

If your RDS instance is in a VPC, the original IP address whitelists of your RDS instance are replicated to a new IP address whitelist that is suitable to VPC.

Note Switching to the enhanced whitelist mode does not affect the ECS instances that are in the ECS security group whitelist.

Precautions

  • You can switch from the standard whitelist to the enhanced whitelist. However, you cannot switch from the enhanced whitelist to the standard whitelist.
  • In the enhanced mode, the classic-network whitelist group also applies to accesses from a public network. If you want to access the RDS instance from an instance, host, or application in the public network, you must add the public IP address to the classic-network whitelist group.

Procedure

  1. Log on to the RDS console.
  2. In the upper-left corner of the page, select the region where the target RDS instance is located.
    选择地域
  3. Find the target RDS instance and click the instance ID.
  4. In the left-side navigation pane, click Data Security.
  5. On the Whitelist Settings tab, click Switch to Enhanced Whitelist (Recommended).
    切换高安全白名单模式(推荐)
  6. In the message box that appears, click OK.