Monitoring a Gateway Subnet
This feature lets you enforce that no unauthorized virtual machine (EC2/VM/GCE) instances are launched on the gateway subnet. An Aviatrix gateway must be launched on a public subnet in AWS, so if your policy prohibits launching virtual machine instances on public subnets, this feature addresses that concern.
When it is enabled, the Controller periodically monitors the selected subnet where the gateway is launched. If it detects virtual machine instances being launched there, the Controller sends an alert email to the admin and immediately stops the instance(s).
You can exclude certain instances by entering instance IDs separated by commas.
This feature is only available for AWS.
To configure:
- Go to the Gateway page.
- Highlight a gateway and click Edit.
- Scroll down to Monitor Gateway Subnet.
- Click Enable and then optionally enter the instance ID(s) to exclude. Click OK when finished.
Click Disable to remove all excluded instance ID(s).
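To audit the same condition independently of the Controller, the check described above can be reproduced against the EC2 DescribeInstances response. This is an added example, not Aviatrix code and not the Controller's implementation; the function names, the subnet IDs and the instance IDs are constructed, and counting secondary network interfaces and skipping stopped instances are assumptions of this example that go beyond what the page states.

```python
import re

# EC2 instance IDs are "i-" plus 8 (legacy) or 17 hex characters.
INSTANCE_ID = re.compile(r"^i-(?:[0-9a-f]{8}|[0-9a-f]{17})$")
ACTIVE_STATES = {"pending", "running"}  # assumption: stopped instances are already handled

def parse_exclusions(text):
    """Parse the comma-separated exclusion list and reject malformed IDs."""
    ids = {part.strip() for part in text.split(",") if part.strip()}
    bad = sorted(i for i in ids if not INSTANCE_ID.match(i))
    if bad:
        raise ValueError(f"malformed instance ID(s): {bad}")
    return ids

def find_unauthorized(reservations, subnet_id, gateway_ids, excluded):
    """Return active instances in subnet_id that are neither a gateway nor excluded."""
    allowed = set(gateway_ids) | set(excluded)
    hits = set()
    for reservation in reservations:
        for inst in reservation.get("Instances", []):
            subnets = {inst.get("SubnetId")}
            # A secondary network interface can also place an instance in the subnet.
            subnets |= {eni.get("SubnetId") for eni in inst.get("NetworkInterfaces", [])}
            if (subnet_id in subnets
                    and inst["State"]["Name"] in ACTIVE_STATES
                    and inst["InstanceId"] not in allowed):
                hits.add(inst["InstanceId"])
    return sorted(hits)

def fetch_reservations(subnet_id, region):
    """Live query; needs boto3 and read-only EC2 credentials."""
    import boto3
    ec2 = boto3.client("ec2", region_name=region)
    pages = ec2.get_paginator("describe_instances").paginate(
        Filters=[{"Name": "network-interface.subnet-id", "Values": [subnet_id]}])
    return [r for page in pages for r in page["Reservations"]]

# Constructed sample in the DescribeInstances response shape (IDs are placeholders).
def sample_instance(n, subnet, state, eni_subnets=()):
    return {"InstanceId": f"i-0123456789abcde{n:02d}", "SubnetId": subnet,
            "State": {"Name": state},
            "NetworkInterfaces": [{"SubnetId": s} for s in eni_subnets]}

SAMPLE = [{"Instances": [
    sample_instance(1, "subnet-gw", "running"),   # the gateway itself
    sample_instance(2, "subnet-gw", "running"),   # on the exclusion list
    sample_instance(3, "subnet-gw", "running"),   # unauthorized
    sample_instance(4, "subnet-gw", "stopped"),   # already stopped
    sample_instance(5, "subnet-app", "running"),  # different subnet
    sample_instance(6, "subnet-app", "running", ("subnet-app", "subnet-gw")),
]}]
```

An empty result from find_unauthorized means the subnet holds only the gateway and the excluded instances; any ID it returns should match an alert email from the Controller.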