Limit item | Limit | Description |
Number of custom protection rules | 100 | A maximum of 100 custom protection rules can be created per account. |
Number of threat intelligence protection rules | 100 | A maximum of 100 threat intelligence protection rules can be created per account. The limits for internal DNS firewalls and public recursive firewalls are calculated separately. |
Number of blocked domain names per custom protection rule | 2,000 | A maximum of 2,000 domain names can be blocked by each custom protection rule. A wildcard domain name is counted as a single domain name. |
Number of source IP address segments for DNS requests per protection rule | 100 |
|
Number of protection rules with the same blocked domain names and effective scope | 10 | A maximum of 10 protection rules can have the same blocked domain names and effective scope per account. |
Number of associated VPCs for the same blocked domain name | 100 | A maximum of 100 VPCs can be associated with the same blocked domain name per account. |
Number of associated scopes (VPCs or dedicated configuration IDs) for the same secondary intelligence type | 100 | A maximum of 100 scopes (VPCs or dedicated configuration IDs) can be associated with the same secondary intelligence type per account. VPCs and dedicated configuration IDs are counted separately. |
Number of protection rules with the same secondary intelligence type (or any type) and the same effective scope | 10 | A maximum of 10 protection rules can have the same secondary intelligence type and the same effective scope per account. |
In a cross-account scenario, if a VPC is associated with a protection rule, only the account that owns the rule can manage its association and dissociation. Other accounts cannot associate that VPC with or dissociate it from any protection rules.