This section guides you on how to add a security group rule to control access from and to DDS DB instances in a security group.
The default security group rule allows all outgoing data packets. ECSs and DDS DB instances can access each other in the same security group. After a security group is created, you can add security group rules to control the access from and to the DDS DB instances in the security group.
By default, a tenant can create a maximum of 500 security group rules. An excessive number of security group rules increases the network latency of the first packet. It is recommended that you add a maximum of 50 rules for each security group.
- Log in to the management console.
- Click in the upper left corner and select a region and project.
- On the console homepage, under Network, click Virtual Private Cloud.
- In the navigation pane on the left, click Security Group.
- On the Security Group page, click the security group name.
- On the Inbound Rules tab, click Add Rule. In the displayed Add Inbound Rule dialog box, set required parameters to add inbound rules. On the Outbound Rules tab, click Add Rule. In the displayed Add Outbound Rule dialog box, set required parameters to add outbound rules.
- Add a security group rule as prompted.
- IP address: indicates that this rule applies to specified IP addresses. 0.0.0.0/0 indicates all IP addresses.
- Security group: indicates that this rule allows all IP addresses of ECSs in a specific security group to access DDS DB instances in the same security group.
- Click OK.