By default, Internet-based access is disabled for newly created instances to ensure resource access security. For existing instances that are created earlier, Internet-based access is enabled by default. You can use the following methods to disable Internet-based access for a Tablestore instance:
Make sure that Internet-based access is no longer required before you disable Internet-based access for an instance. Otherwise, your business may be affected.
Disable Internet-based access
-
Go to the Instance Management page.
-
Log on to the Tablestore console.
-
In the upper part of the page, select a resource group and a region.
-
On the Overview page, in the Instances section, click the name of the instance you want to manage, or click Manage Instance in the Actions column.
-
-
On the Instance Management page, click the Network Management tab.
-
In the Network Access Control section, set Access Type to Custom.
-
For the Allowed Network Type parameter, deselect Internet.
After you disable Internet-based access for an instance, you can configure whether to allow access to the instance in the Tablestore console or over VPC or the classic network. In addition, you can bind a VPC to the instance. This way, you can access the instance over the VPC.
-
Click Configure.
Restrict the access type
Alternatively, you can change the network Access Type to Tablestore Console or Bound VPC Access or Bound VPC Access, and bind a VPC to the instance. This ensures that Tablestore resources are accessible only from the bound Virtual Private Cloud, enhancing network security. For detailed instructions, see Access Tablestore instances over VPCs.
You can use the compliance audit rules of Cloud Config to quickly find and fix Tablestore instances where the instance network type is not set to Tablestore Console or Bound VPCs. For more information, see Create a rule based on a managed rule.