跳转到主内容

是否可以更改 CVO 的 AWS 外部安全组配置?

Views:
13
Visibility:
Public
Votes:
0
Category:
cloud-manager
Specialty:
cloud
Last Updated:

适用于

  • Cloud Volumes ONTAP ( CVO )
  • Amazon Web Services ( AWS )
  • Cloud Manager
  • 内部和外部安全组配置

解答

  • Cloud Manager 可创建 AWS 安全组

    其中包括入站和出站规则,即 Cloud Manager CVO 需要成功运行
  • 如果需要,您可以创建自己的规则或编辑预定义的规则

示例:

CVO HA 调解器的预定义外部安全组包括 2 个入站规则,允许通过 SSH 访问(端口 22 )和 TCP 端口 3000 从 Cloud Manager 进行 RESTful API 访问。默认情况下,这两个规则允许连接所有 IP (源 IP 为 0.0.0.0/0 )。

  • 您可以限制这些规则的源 IP 。"if needed"?

示例:

  • SSH 端口 22 :仅允许可信公有 IP 或禁止从网络外部进行 SSH 访问
  • TCP 端口 3000 :仅允许 Cloud Manager IP
有关每个实例所需端口和协议的信息,请参见 Cloud Manager - AWS 的安全组规则文档

 

NetApp provides no representations or warranties regarding the accuracy or reliability or serviceability of any information or recommendations provided in this publication or with respect to any results that may be obtained by the use of the information or observance of any recommendations provided herein. The information in this document is distributed AS IS and the use of this information or the implementation of any recommendations or techniques herein is a customer's responsibility and depends on the customer's ability to evaluate and integrate them into the customer's operational environment. This document and the information contained herein may be used solely in connection with the NetApp products discussed in this document.