Step 5: Add a Security Group Rule

Scenarios

After you create a security group, you can add rules to the security group. A rule applies either to inbound traffic or outbound traffic. After you add cloud resources to the security group, they are protected by the rules of the group.

Procedure

  1. Log in to the management console.

  2. Click image1 in the upper left corner and select the desired region and project.

  3. Click image2 in the upper left corner and choose Network > Virtual Private Cloud.

  4. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  5. Locate the row that contains the target security group, click Manage Rule in the Operation column.

    The page for configuring security group rules is displayed.

  6. On the Inbound Rules tab, click Add Rule. In the displayed dialog box, set required parameters.

    You can click + to add more inbound rules.

    Table 1 Inbound rule parameter description

    Parameter

    Description

    Example Value

    Protocol & Port

    Protocol: The network protocol. Currently, the value can be All, TCP, UDP, ICMP, GRE, or others.

    Protocols/TCP (Custom ports)

    Port: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535.

    22, or 22-30

    Type

    The IP address type can be IPv4.

    IPv4

    Source

    Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example:

    • IP address:

      • Single IP address: 192.168.10.10/32

      • All IP addresses: 0.0.0.0/0

      • IP address range: 192.168.1.0/24

    • Security group: sg-A

    0.0.0.0/0

    Description

    Supplementary information about the security group rule. This parameter is optional.

    The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    -

  7. On the Outbound Rules tab, click Add Rule. In the displayed dialog box, set required parameters.

    You can click + to add more outbound rules.

    Table 2 Outbound rule parameter description

    Parameter

    Description

    Example Value

    Protocol & Port

    Protocol: The network protocol. Currently, the value can be All, TCP, UDP, ICMP, GRE, or others.

    Custom TCP

    Port: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535.

    22, or 22-30

    Type

    The IP address type can be IPv4.

    IPv4

    Destination

    Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example:

    For more information, see Virtual Private Cloud User Guide.

    0.0.0.0/0

    Description

    Supplementary information about the security group rule. This parameter is optional.

    The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >).

    -

  8. Click OK.

last updated: 2024-04-26 03:15