Restrict Org from Public Internet Access
future consideration
Daniel Lotterman
Certain security-policy-burdened customers may have a policy of restricting the use of any infrastructure service with public-facing internet connectivity. More than just the optional toggle in the instance provisioning flow, these customers want to guarantee that no instance launched under a given org could ever have had ingress or egress access to the public internet, so that no "regular" permissioned user can provision an instance or service with any access to a publicly routable network.
* This could be accomplished by enforcing a "Do not provision with public IPs" toggle for an entire org
* Could also be enforced by creating a setting for "Default VLANs" for a "Layer-2" only/by default deployment flow (does not currently exist). This would enable a customer to provision an instance into a customer-managed network for the lifecycle of that instance.
Ravinder Braich
future consideration
Paul Teich
This is mutually exclusive with c3.small SGX... customer enablement of SGX gen1 depends on public internet access to ping Intel servers. That will also be true with Ice Lake SGX gen2, unless we host our own attestation servers as a customer service. Or if the customer hosts their own...
Enkel Prifti
Paul Teich: For this ask I don't think we need to disable internet access entirely. The issue is that a server is provisioned in L3 mode by default, so it's exposed to the internet. Having the ability to provision the server directly in L2 mode without needing to start from L3 then convert to L2 should solve this ask. The user should have the option of picking whether they want to provision directly in L3 as it is today for requirements like SGX or provision directly in L2 or hybrid mode. They could choose a default mode but we shouldn't block the option of provisioning L3 servers entirely. Daniel Lotterman can correct me if I'm wrong.
Enkel Prifti
This would fit in with what I've also been thinking that there should be the option to provision instances directly into a certain network mode such as Layer 2 mode and the user provides the VLAN along with private IP address so that the provisioning system will go and configure that private IP/VLAN in the OS interfaces.
This would be a great improvement over the current workflow of deploying an instance in Layer 3 -> convert to Layer 2 -> Attach VLAN to instance -> Configure host OS interface.