<p><strong><span style="font-size:18px">Does ELB support access control?</span></strong></p> <p>Yes.</p> <p>ELB supports the following two access control modes:</p> <p>&bull;&nbsp;&nbsp;&nbsp;&nbsp; Whitelist: only the IPs in the policy group can access the listener.</p> <p>&bull;&nbsp;&nbsp;&nbsp;&nbsp; Blacklist: only the IPs in the policy group cannot access the listener.</p> <p><strong><span style="font-size:18px">What if I create a policy group without enabling the access control?</span></strong></p> <p>The access control will not take effect if you only create a policy group and add IP address and IP address segments to the policy group, but do not enable access control.</p> <p><strong><span style="font-size:18px">Is it necessary to specify policy groups and access control modes when enabling access control?</span></strong></p> <p>Yes. The configured access control will not take effect, if you do not specify the policy group or access control mode when enabling access control.</p> <p><strong><span style="font-size:18px">What is the role of whitelist in access control mode?</span></strong></p> <p>Whitelist is an access control mode. Whitelisting is used in scenarios where only specific IPs can access ELB listeners.</p> <p>There are business risks if you configure whitelist. Once you configure the whitelist only the specified IPs in the policy group can access ELB listening.</p> <p><strong><span style="font-size:18px">What is the role of blacklist in access control mode?</span></strong></p> <p>Blacklist is an access control mode. Blacklisting is used in scenarios where only specific IPs cannot access the ELB listener.</p> <p>When you enable access control and select blacklist, the listener will refuse to forward requests from the IPs in the policy group, and will permit access requests from all IPs other than the specified policy group.</p> <p>How can the blacklist/whitelist policy manually enabled through tickets be compatible with the policy created by myself?</p> <p>Ping An Cloud have manually enabled blacklist/whitelist for users who have asked through submitting tickets before the access control function is launched. After the access control is launched, the access control function is open to all users.</p> <p>You need to re-enter the entries which are configured manually through tickets in the access control policy to make sure they can be compatible with each other.</p> <p><strong><span style="font-size:18px">What is the impact if I disable access control?</span></strong></p> <p>After disabling the access control function, your listener will make ELB forwarding of all access requests sent from all IPs.</p> <p><strong><span style="font-size:18px">Can I create a blacklist/whitelist entry by submitting a ticket?</span></strong></p> <p>You cannot create a blacklist/whitelist entry after the access control function is launched.</p> <p>&nbsp;</p> <p>&nbsp;</p>