2024/04/22
Effective Date: April 22, 2024 at 10:00 AM (UTC+8)
Adjustment Details: Alibaba Cloud will be implementing an enhancement to the security group functionality of its Edge Node Service (ENS). Starting from April 22, 2024, at 10:00 AM, newly created security groups will include a default inbound deny rule as part of their configuration, aimed at bolstering overall business security. This adjustment will not impact existing security groups and their associated instances in your inventory; however, please take note of the following key points when working with new security groups:
1. For Instances Without Public Network Interface Cards (ENIs):
a. After binding to a newly created security group, internal network communication will not be enabled by default. To enable inter-instance communication within the private network, please add appropriate inbound rules.
b. If the instance is already bound to an Edge Elastic IP, NAT Gateway, or Edge Load Balancer, ensure that the necessary public inbound rules are present when associating with the new security group to avoid disrupting your services.
2. For Instances With Public Network Interface Cards (ENIs):
a. Internal network communication remains unaffected.
b. By default, public internet access will be blocked; therefore, it is essential to ensure that the appropriate public inbound rules are in place to allow external access.
Adjustment Details: Alibaba Cloud will be implementing an enhancement to the security group functionality of its Edge Node Service (ENS). Starting from April 22, 2024, at 10:00 AM, newly created security groups will include a default inbound deny rule as part of their configuration, aimed at bolstering overall business security. This adjustment will not impact existing security groups and their associated instances in your inventory; however, please take note of the following key points when working with new security groups:
1. For Instances Without Public Network Interface Cards (ENIs):
a. After binding to a newly created security group, internal network communication will not be enabled by default. To enable inter-instance communication within the private network, please add appropriate inbound rules.
b. If the instance is already bound to an Edge Elastic IP, NAT Gateway, or Edge Load Balancer, ensure that the necessary public inbound rules are present when associating with the new security group to avoid disrupting your services.
2. For Instances With Public Network Interface Cards (ENIs):
a. Internal network communication remains unaffected.
b. By default, public internet access will be blocked; therefore, it is essential to ensure that the appropriate public inbound rules are in place to allow external access.
