Default Security Groups and Security Group Rules

Your account automatically comes with a default security group. The default security group allows all outbound traffic, denies all inbound traffic, and allows all traffic between cloud resources in the group. Your cloud resources in this security group can communicate with each other already without adding additional rules.

Figure 1 shows the default security group rules. The following uses access between ECSs as an example.

**Figure 1** Default security group

Figure 1 Default security group

Table 1 describes the default rules for the default security group.

Table 1 Default security group rules

Direction

Protocol

Port/Range

Source/Destination

Description

Outbound

All

All

Destination: 0.0.0.0/0

Allows all outbound traffic.

Inbound

All

All

Source: the current security group (for example, sg-xxxxx)

Allows communications among ECSs within the security group and denies all inbound traffic (incoming data packets).
last updated: 2023-06-22 00:11