1. Help Center
  3. User Guide (Single Node)
  4. Deployment
  5. Preparing Resources
  6. Applying for a Subnet and Configuring a Security Group

Applying for a Subnet and Configuring a Security Group


To ensure proper communication between the ECSs in an SAP HANA system, apply a subnet for the ECSs and configure a proper security group.


  1. Apply for a subnet.

    1. Log in to the management console.
    2. Click in the upper left corner of the management console and select a region and project.
    3. On the homepage, choose Network > Virtual Private Cloud.
    4. Click the VPC to which the SAP HANA system belongs.
    5. Click the Subnets tab page, and then click Create Subnet.
    6. On the created Create Subnet page, configure parameters as prompted.
      • Name: Configure the subnet name that is easy to identify, for example, service_subnet.
      • CIDR: Configure this parameter according to the deployment plan described in section Network Planning.
      • Advanced Settings: Select Default.
    7. Click OK.
    8. Repeat 1.e to 1.g to create all required subnets according to the requirements specified in section Network Planning.

  2. Set security groups.

    You need to create a security group for all nodes in the SAP HANA system.
    1. Click Security Group on the left and then Create Security Group on the right side of the page. The Create Security Group page is displayed.
    2. Enter the security group name and click OK to complete the security group configuration.

      Name the security group that is easy to identify, for example, studio_security_group.

    3. Repeat 2.a to 2.b to create other security groups.
    4. In the security group list on the right of the page, click the security group for which a rule is to be added.
    5. Click Add Rule.
    6. Add the rule according to the requirements specified in section Network Planning.
      The default security group rules cannot be deleted. Figure 1 shows some default security group rules.
      Figure 1 Some default security group rules
    7. Repeat 2.d to 2.f to configure all security groups.