All Products
Search
Document Center

Cloud Config:Check the outbound bandwidth usage of a VPN Gateway

Last Updated:Jun 22, 2026

A VPN Gateway is non-compliant if its outbound bandwidth usage reaches or exceeds a specified value for at least 8 hours within a given time range. The rule does not apply when the VPN Gateway is not connected to CloudMonitor or when monitoring data is unavailable. The default detection range is 7 days. Detection uses the CloudMonitor monitoring data API and consumes the basic CloudMonitor free quota. To ensure detection quality, enable Hybrid Cloud Monitoring. For billing details, see CloudMonitor billing.

Risk level

Default risk level: Medium.

You can change the risk level as needed.

Detection logic

  • A VPN Gateway is non-compliant if its outbound bandwidth usage reaches or exceeds a specified value for at least 8 hours within a given time range. The rule does not apply when the VPN Gateway is not connected to CloudMonitor or when monitoring data is unavailable. The default detection range is 7 days. Detection uses the CloudMonitor monitoring data API and consumes the basic CloudMonitor free quota. To ensure detection quality, enable Hybrid Cloud Monitoring. For billing details, see CloudMonitor billing.

Rule details

Parameter

Description

Rule name

Check the outbound bandwidth usage of a VPN Gateway

Rule identifier

vpn-gateway-out-bandwidth-utilization-check

Tag

VPN

Automatic remediation

Not supported

Rule trigger

Periodic execution

Trigger frequency

24 hours

Supported resource types

ACS::VPN::VpnGateway

Rule input parameters

relativeTime (Default value: 168)
utilization (Default value: 80)