lboka/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity

VPC UMN 20240105 version

Browse Source 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
This commit is contained in:
Qin Ying, Fan 2024-04-18 12:13:40 +00:00 committed by zuul
parent 61db61b4e5
commit 662ede2c6b
352 changed files with 3258 additions and 2444 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1808
docs/vpc/umn/ALL_META.TXT.json
View File

File diff suppressed because it is too large Load Diff

916
docs/vpc/umn/CLASS.TXT.json
View File

File diff suppressed because it is too large Load Diff

2
docs/vpc/umn/FlowLog_0002.html
View File

@ -3,7 +3,7 @@
<h1 class="topictitle1">VPC Flow Log Overview</h1>
<div id="body1547961960823"><div class="section" id="FlowLog_0002__section1937236135914"><h4 class="sectiontitle">What Is a VPC Flow Log?</h4><p id="FlowLog_0002__p8060118">A VPC flow log records information about the traffic going to and from a VPC. VPC flow logs help you monitor network traffic, analyze network attacks, and determine whether security group and <span id="FlowLog_0002__text11248715171311">firewall</span><span id="FlowLog_0002__text45551720134"></span> rules require modification.</p>
<p id="FlowLog_0002__p38692616421">VPC flow logs must be used together with the Log Tank Service (LTS). Before you create a VPC flow log, you need to create a log group and a log topic in LTS. <a href="#FlowLog_0002__fig1535115691415">Figure 1</a> shows the process for configuring VPC flow logs.</p>
<div class="fignone" id="FlowLog_0002__fig1535115691415"><a name="FlowLog_0002__fig1535115691415"></a><a name="fig1535115691415"></a><span class="figcap"><b>Figure 1 </b>Configuring VPC flow logs</span><br><span><img class="vsd" id="FlowLog_0002__image9661037927" src="en-us_image_0162336264.png"></span></div>
<div class="fignone" id="FlowLog_0002__fig1535115691415"><a name="FlowLog_0002__fig1535115691415"></a><a name="fig1535115691415"></a><span class="figcap"><b>Figure 1 </b>Configuring VPC flow logs</span><br><span><img class="vsd" id="FlowLog_0002__image9661037927" src="en-us_image_0000001818823626.png"></span></div>
</div>
<div class="section" id="FlowLog_0002__section1095231112517"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="FlowLog_0002__ul18195045135317"><li id="FlowLog_0002__li13405622115110">Currently, C3, M3, and S2 ECSs support VPC flow logs.</li><li id="FlowLog_0002__li21719253511">Each account can have up to 10 VPC flow logs in a region.</li><li id="FlowLog_0002__li11560111014356">By default, a maximum of 400,000 flow log records are supported.</li></ul>
</div>

52
docs/vpc/umn/FlowLog_0003.html
View File

@ -7,68 +7,68 @@
<ul id="FlowLog_0003__ul2636114175114"><li id="FlowLog_0003__li196360418515">Create a log group.</li><li id="FlowLog_0003__li0636194119514">Create a log topic.</li></ul>
<p id="FlowLog_0003__p14332047105117">For more information about the LTS service, see the <em id="FlowLog_0003__i131771016125018">Log Tank Service User Guide</em>.</p>
</div>
<div class="section" id="FlowLog_0003__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0003__ol1599100493"><li id="FlowLog_0003__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0003__ol433412616258"><li id="FlowLog_0003__li1261701516256">Click <span><img id="FlowLog_0003__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0003__ol113341928344"><li id="FlowLog_0003__li65321958215">Click <span><img id="FlowLog_0003__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001675616561.png"></span> in the upper left corner and choose <strong id="FlowLog_0003__b1879018432820"><span id="FlowLog_0003__text5790134192813">Network</span><span id="FlowLog_0003__text13790246286"></span></strong> &gt; <strong id="FlowLog_0003__b67909411283">Virtual Private Cloud</strong>.<p id="FlowLog_0003__p1182103318256">The <strong id="FlowLog_0003__b8628131015285">Virtual Private Cloud</strong> page is displayed.</p>
</li></ol><ol start="4" id="FlowLog_0003__ol86651458101716"><li id="FlowLog_0003__li15362774171923">In the navigation pane on the left, choose <strong id="FlowLog_0003__b118476383503">VPC Flow Logs</strong>.</li><li id="FlowLog_0003__li56651158141710">In the upper right corner, click <strong id="FlowLog_0003__b84235270610118">Create VPC Flow Log</strong>. On the displayed page, configure parameters as prompted.<div class="fignone" id="FlowLog_0003__fig4520438111212"><span class="figcap"><b>Figure 1 </b>Create VPC Flow Log</span><br><span><img id="FlowLog_0003__image6520113821218" src="en-us_image_0191544038.png"></span></div>
<div class="section" id="FlowLog_0003__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0003__ol1599100493"><li id="FlowLog_0003__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0003__ol433412616258"><li id="FlowLog_0003__li1261701516256">Click <span><img id="FlowLog_0003__image87111240141819" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0003__ol113341928344"><li id="FlowLog_0003__li65321958215">Click <span><img id="FlowLog_0003__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001865663109.png"></span> in the upper left corner and choose <strong id="FlowLog_0003__b1879018432820"><span id="FlowLog_0003__text5790134192813">Network</span><span id="FlowLog_0003__text13790246286"></span></strong> &gt; <strong id="FlowLog_0003__b67909411283">Virtual Private Cloud</strong>.<p id="FlowLog_0003__p1182103318256">The <strong id="FlowLog_0003__b8628131015285">Virtual Private Cloud</strong> page is displayed.</p>
</li></ol><ol start="4" id="FlowLog_0003__ol86651458101716"><li id="FlowLog_0003__li15362774171923">In the navigation pane on the left, choose <strong id="FlowLog_0003__b118476383503">VPC Flow Logs</strong>.</li><li id="FlowLog_0003__li56651158141710">In the upper right corner, click <strong id="FlowLog_0003__b84235270610118">Create VPC Flow Log</strong>. On the displayed page, configure parameters as prompted.<div class="fignone" id="FlowLog_0003__fig4520438111212"><span class="figcap"><b>Figure 1 </b>Create VPC Flow Log</span><br><span><img id="FlowLog_0003__image6520113821218" src="en-us_image_0000001865582905.png"></span></div>
<div class="p" id="FlowLog_0003__p159985372119">
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="FlowLog_0003__table134731712211" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter descriptions</caption><thead align="left"><tr id="FlowLog_0003__row1434717171627"><th align="left" class="cellrowborder" valign="top" width="19.24%" id="mcps1.3.3.6.2.3.1.2.4.1.1"><p id="FlowLog_0003__p234731711214"><strong id="FlowLog_0003__b729481085112">Parameter</strong></p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="FlowLog_0003__table134731712211" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Parameter descriptions</caption><thead align="left"><tr id="FlowLog_0003__row1434717171627"><th align="left" class="cellrowborder" valign="top" width="19.24%" id="mcps1.3.3.5.2.3.1.2.4.1.1"><p id="FlowLog_0003__p234731711214"><strong id="FlowLog_0003__b729481085112">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="55.7%" id="mcps1.3.3.6.2.3.1.2.4.1.2"><p id="FlowLog_0003__p934711715210"><strong id="FlowLog_0003__b761217124516">Description</strong></p>
<th align="left" class="cellrowborder" valign="top" width="55.7%" id="mcps1.3.3.5.2.3.1.2.4.1.2"><p id="FlowLog_0003__p934711715210"><strong id="FlowLog_0003__b761217124516">Description</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25.06%" id="mcps1.3.3.6.2.3.1.2.4.1.3"><p id="FlowLog_0003__p23473171214"><strong id="FlowLog_0003__b9956614115118">Example Value</strong></p>
<th align="left" class="cellrowborder" valign="top" width="25.06%" id="mcps1.3.3.5.2.3.1.2.4.1.3"><p id="FlowLog_0003__p23473171214"><strong id="FlowLog_0003__b9956614115118">Example Value</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="FlowLog_0003__row2034718171526"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p63477171520">Name</p>
<tbody><tr id="FlowLog_0003__row2034718171526"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p63477171520">Name</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p0347817222">The VPC flow log name.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p0347817222">The VPC flow log name.</p>
<p id="FlowLog_0003__p3691035194820">The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces.</p>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p14347191710216">flowlog-495d</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p14347191710216">flowlog-495d</p>
</td>
</tr>
<tr id="FlowLog_0003__row183478171729"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p11347141710216">Resource Type</p>
<tr id="FlowLog_0003__row183478171729"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p11347141710216">Resource Type</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p834721711219">The type of resources whose traffic is to be logged. You can select <strong id="FlowLog_0003__b319411435314">NIC</strong>, <strong id="FlowLog_0003__b5601749103210">Subnet</strong>, or <strong id="FlowLog_0003__b126016495328">VPC</strong>.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p834721711219">The type of resources whose traffic is to be logged. You can select <strong id="FlowLog_0003__b319411435314">NIC</strong>, <strong id="FlowLog_0003__b5601749103210">Subnet</strong>, or <strong id="FlowLog_0003__b126016495328">VPC</strong>.</p>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p6347317525">NIC</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p6347317525">NIC</p>
</td>
</tr>
<tr id="FlowLog_0003__row83477171628"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p1081611984120">Resource</p>
<tr id="FlowLog_0003__row83477171628"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p1081611984120">Resource</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p143471917921">The specific NIC whose traffic is to be logged.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p143471917921">The specific NIC whose traffic is to be logged.</p>
<div class="note" id="FlowLog_0003__note81381412191719"><span class="notetitle"> NOTE: </span><div class="notebody"><p id="FlowLog_0003__p111391812141715">We recommend that you select an ECS that is in the running state. If an ECS in the stopped state is selected, restart the ECS after creating the VPC flow log for accurately recording the information about the traffic going to and from the ECS NIC.</p>
</div></div>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p4347517128">N/A</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p4347517128">N/A</p>
</td>
</tr>
<tr id="FlowLog_0003__row734713175216"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p934719178215">Filter</p>
<tr id="FlowLog_0003__row734713175216"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p934719178215">Filter</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><ul id="FlowLog_0003__ul1934716177219"><li id="FlowLog_0003__li1034717173218"><strong id="FlowLog_0003__b934111133020">All traffic</strong>: specifies that both accepted and rejected traffic of the specified resource will be logged.</li><li id="FlowLog_0003__li16347317329"><strong id="FlowLog_0003__b918513514319">Accepted traffic</strong>: specifies that only accepted traffic of the specified resource will be logged. Accepted traffic refers to the traffic permitted by the security group or <span id="FlowLog_0003__text11248715171311">firewall</span><span id="FlowLog_0003__text45551720134"></span>.</li><li id="FlowLog_0003__li15347111710218"><strong id="FlowLog_0003__b22744512232">Rejected traffic</strong>: specifies that only rejected traffic of the specified resource will be logged. Rejected traffic refers to the traffic denied by the <span id="FlowLog_0003__text770047201316">firewall</span><span id="FlowLog_0003__text167001772131"></span>.</li></ul>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><ul id="FlowLog_0003__ul1934716177219"><li id="FlowLog_0003__li1034717173218"><strong id="FlowLog_0003__b934111133020">All traffic</strong>: specifies that both accepted and rejected traffic of the specified resource will be logged.</li><li id="FlowLog_0003__li16347317329"><strong id="FlowLog_0003__b918513514319">Accepted traffic</strong>: specifies that only accepted traffic of the specified resource will be logged. Accepted traffic refers to the traffic permitted by the security group or <span id="FlowLog_0003__text11248715171311">firewall</span><span id="FlowLog_0003__text45551720134"></span>.</li><li id="FlowLog_0003__li15347111710218"><strong id="FlowLog_0003__b22744512232">Rejected traffic</strong>: specifies that only rejected traffic of the specified resource will be logged. Rejected traffic refers to the traffic denied by the <span id="FlowLog_0003__text770047201316">firewall</span><span id="FlowLog_0003__text167001772131"></span>.</li></ul>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p93471617626">All</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p93471617626">All</p>
</td>
</tr>
<tr id="FlowLog_0003__row143475171327"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p734771710219">Log Group</p>
<tr id="FlowLog_0003__row143475171327"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p734771710219">Log Group</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p16347111715218">The log group created in LTS.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p16347111715218">The log group created in LTS.</p>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__FlowLog_0003_p634714176216">lts-group-abc</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__en-us_topic_0151016581_p634714176216">lts-group-abc</p>
</td>
</tr>
<tr id="FlowLog_0003__row63479171326"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p133476171224">Log Topic</p>
<tr id="FlowLog_0003__row63479171326"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p133476171224">Log Topic</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p2347101712216">The log topic created in LTS.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p2347101712216">The log topic created in LTS.</p>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__FlowLog_0003_p43470173218">LogTopic1</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__en-us_topic_0151016581_p43470173218">LogTopic1</p>
</td>
</tr>
<tr id="FlowLog_0003__row1834761720219"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.6.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p113471171229">Description</p>
<tr id="FlowLog_0003__row1834761720219"><td class="cellrowborder" valign="top" width="19.24%" headers="mcps1.3.3.5.2.3.1.2.4.1.1 "><p id="FlowLog_0003__p113471171229">Description</p>
</td>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.6.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p43473171124">Supplementary information about the VPC flow log. This parameter is optional.</p>
<td class="cellrowborder" valign="top" width="55.7%" headers="mcps1.3.3.5.2.3.1.2.4.1.2 "><p id="FlowLog_0003__p43473171124">Supplementary information about the VPC flow log. This parameter is optional.</p>
<p id="FlowLog_0003__p17347181718216">The VPC flow log description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.6.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p3347141715212">N/A</p>
<td class="cellrowborder" valign="top" width="25.06%" headers="mcps1.3.3.5.2.3.1.2.4.1.3 "><p id="FlowLog_0003__p3347141715212">N/A</p>
</td>
</tr>
</tbody>

96
docs/vpc/umn/FlowLog_0004.html
View File

File diff suppressed because it is too large Load Diff

4
docs/vpc/umn/FlowLog_0005.html
View File

@ -5,8 +5,8 @@
<div class="note" id="FlowLog_0005__note3879192310615"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="FlowLog_0005__p10879923360">If a NIC that uses a VPC flow log is deleted, the flow log will be automatically deleted. However, the flow log records are not deleted.</p>
</div></div>
</div>
<div class="section" id="FlowLog_0005__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0005__ol1599100493"><li id="FlowLog_0005__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0005__ol433412616258"><li id="FlowLog_0005__li1261701516256">Click <span><img id="FlowLog_0005__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0005__ol113341928344"><li id="FlowLog_0005__li65321958215">Click <span><img id="FlowLog_0005__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001626736794.png"></span> in the upper left corner and choose <strong id="FlowLog_0005__b443115053714"><span id="FlowLog_0005__text17438506372">Network</span><span id="FlowLog_0005__text13431550143716"></span></strong> &gt; <strong id="FlowLog_0005__b124316505370">Virtual Private Cloud</strong>.<p id="FlowLog_0005__p1182103318256">The <strong id="FlowLog_0005__b3665355143718">Virtual Private Cloud</strong> page is displayed.</p>
</li></ol><ol start="4" id="FlowLog_0005__ol86651458101716"><li id="FlowLog_0005__li15362774171923">In the navigation pane on the left, choose <strong id="FlowLog_0005__b71643149529">VPC Flow Logs</strong>.</li><li id="FlowLog_0005__li7951185711459">Locate the row that contains the VPC flow log to be deleted and click <strong id="FlowLog_0005__b7845125318142">Delete</strong> in the <strong id="FlowLog_0005__b2084695319142">Operation</strong> column.<div class="fignone" id="FlowLog_0005__fig11695911145"><span class="figcap"><b>Figure 1 </b>Deleting a VPC flow log</span><br><span><img id="FlowLog_0005__image3696513415" src="en-us_image_0191594527.png"></span></div>
<div class="section" id="FlowLog_0005__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0005__ol1599100493"><li id="FlowLog_0005__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0005__ol433412616258"><li id="FlowLog_0005__li1261701516256">Click <span><img id="FlowLog_0005__image1283111201914" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0005__ol113341928344"><li id="FlowLog_0005__li65321958215">Click <span><img id="FlowLog_0005__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001865582989.png"></span> in the upper left corner and choose <strong id="FlowLog_0005__b443115053714"><span id="FlowLog_0005__text17438506372">Network</span><span id="FlowLog_0005__text13431550143716"></span></strong> &gt; <strong id="FlowLog_0005__b124316505370">Virtual Private Cloud</strong>.<p id="FlowLog_0005__p1182103318256">The <strong id="FlowLog_0005__b3665355143718">Virtual Private Cloud</strong> page is displayed.</p>
</li></ol><ol start="4" id="FlowLog_0005__ol86651458101716"><li id="FlowLog_0005__li15362774171923">In the navigation pane on the left, choose <strong id="FlowLog_0005__b71643149529">VPC Flow Logs</strong>.</li><li id="FlowLog_0005__li7951185711459">Locate the row that contains the VPC flow log to be deleted and click <strong id="FlowLog_0005__b7845125318142">Delete</strong> in the <strong id="FlowLog_0005__b2084695319142">Operation</strong> column.<div class="fignone" id="FlowLog_0005__fig11695911145"><span class="figcap"><b>Figure 1 </b>Deleting a VPC flow log</span><br><span><img id="FlowLog_0005__image3696513415" src="en-us_image_0000001818983242.png"></span></div>
</li><li id="FlowLog_0005__li56651158141710">Click <strong id="FlowLog_0005__b221712241717">Yes</strong> in the displayed dialog box.</li></ol>
</div>
</div>

2
docs/vpc/umn/FlowLog_0006.html
View File

@ -5,7 +5,7 @@
</div>
<div class="section" id="FlowLog_0006__section5107937172118"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="FlowLog_0006__ul9238346192115"><li id="FlowLog_0006__li4238146122111">After a VPC flow log is enabled, the system starts to collect flow logs in the next log collection period.</li><li id="FlowLog_0006__li141151714234">After a VPC flow log is disabled, the system stops collecting flow logs in the next log collection period. Generated flow logs will still be reported.</li></ul>
</div>
<div class="section" id="FlowLog_0006__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0006__ol1599100493"><li id="FlowLog_0006__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0006__ol433412616258"><li id="FlowLog_0006__li1261701516256">Click <span><img id="FlowLog_0006__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0006__ol113341928344"><li id="FlowLog_0006__li65321958215">Click <span><img id="FlowLog_0006__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001627056686.png"></span> in the upper left corner and choose <strong id="FlowLog_0006__b1390013296375"><span id="FlowLog_0006__text13900229193718">Network</span><span id="FlowLog_0006__text1900829173716"></span></strong> &gt; <strong id="FlowLog_0006__b159001629173711">Virtual Private Cloud</strong>.<p id="FlowLog_0006__p1182103318256">The <strong id="FlowLog_0006__b917763412373">Virtual Private Cloud</strong> page is displayed.</p>
<div class="section" id="FlowLog_0006__section7359352124511"><h4 class="sectiontitle">Procedure</h4><ol id="FlowLog_0006__ol1599100493"><li id="FlowLog_0006__li16376160184113">Log in to the management console.</li></ol><ol start="2" id="FlowLog_0006__ol433412616258"><li id="FlowLog_0006__li1261701516256">Click <span><img id="FlowLog_0006__image59921057131810" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li></ol><ol start="3" id="FlowLog_0006__ol113341928344"><li id="FlowLog_0006__li65321958215">Click <span><img id="FlowLog_0006__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001818983174.png"></span> in the upper left corner and choose <strong id="FlowLog_0006__b1390013296375"><span id="FlowLog_0006__text13900229193718">Network</span><span id="FlowLog_0006__text1900829173716"></span></strong> &gt; <strong id="FlowLog_0006__b159001629173711">Virtual Private Cloud</strong>.<p id="FlowLog_0006__p1182103318256">The <strong id="FlowLog_0006__b917763412373">Virtual Private Cloud</strong> page is displayed.</p>
</li></ol><ol start="4" id="FlowLog_0006__ol86651458101716"><li id="FlowLog_0006__li15362774171923">In the navigation pane on the left, choose <strong id="FlowLog_0006__b14531953153514">VPC Flow Logs</strong>.</li><li id="FlowLog_0006__li11786153123011">Locate the VPC flow log to be enabled or disabled, and choose <strong id="FlowLog_0006__b1417519538118">More</strong> &gt; <strong id="FlowLog_0006__b18341923141120">Enable</strong> or <strong id="FlowLog_0006__b10997182191214">More</strong> &gt; <strong id="FlowLog_0006__b8834623191119">Disable</strong> in the <strong id="FlowLog_0006__b1583417239116">Operation</strong> column.</li><li id="FlowLog_0006__li488372733118">Click <strong id="FlowLog_0006__b84235270615469">Yes</strong>.</li></ol>
</div>
</div>

6
docs/vpc/umn/SecurityGroup_0003.html
View File

@ -1,10 +1,10 @@
<a name="SecurityGroup_0003"></a><a name="SecurityGroup_0003"></a>
<h1 class="topictitle1">Default Security Group and Its Rules</h1>
<div id="body1529924412907"><div class="p" id="SecurityGroup_0003__p38211617154214">If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. A default security group has the following rules:<ul id="SecurityGroup_0003__ul13643173351019"><li id="SecurityGroup_0003__li164313371013">Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.</li><li id="SecurityGroup_0003__li176437339108">Outbound rules allow all outbound traffic and response traffic to the outbound requests.</li></ul>
<div id="body1529924412907"><div class="p" id="SecurityGroup_0003__p38211617154214">If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance when you create it. A default security group has the following rules:<ul id="SecurityGroup_0003__ul13643173351019"><li id="SecurityGroup_0003__li164313371013">Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.</li><li id="SecurityGroup_0003__li176437339108">Outbound rules allow all outbound traffic and response traffic to the outbound requests.</li></ul>
</div>
<div class="fignone" id="SecurityGroup_0003__fig997718156161"><span class="figcap"><b>Figure 1 </b>Default security group</span><br><span><img class="eddx" id="SecurityGroup_0003__image22171236172514" src="en-us_image_0000001230120807.png"></span></div>
<div class="note" id="SecurityGroup_0003__note154069174516"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="SecurityGroup_0003__ul13707733161311"><li id="SecurityGroup_0003__li04874352138">You cannot delete the default security group, but you can modify existing rules or add rules to the group.</li><li id="SecurityGroup_0003__li131365102713">The default security group is automatically created to simplify the process of creating an instance for the first time. The default security group denies all external requests. To log in to an instance, add a security group rule by referring to <a href="en-us_topic_0081124350.html#en-us_topic_0081124350__section14933617154810">Remotely Logging In to an ECS from a Local Server</a>.</li></ul>
<div class="fignone" id="SecurityGroup_0003__fig997718156161"><span class="figcap"><b>Figure 1 </b>Default security group</span><br><span><img class="eddx" id="SecurityGroup_0003__image22171236172514" src="en-us_image_0000001865662829.png"></span></div>
<div class="note" id="SecurityGroup_0003__note154069174516"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="SecurityGroup_0003__ul13707733161311"><li id="SecurityGroup_0003__li04874352138">You cannot delete the default security group, but you can modify existing rules or add rules to the group.</li><li id="SecurityGroup_0003__li131365102713">The default security group denies all external requests. To log in to an instance associated with this security group, add a security group rule by referring to <a href="en-us_topic_0081124350.html#en-us_topic_0081124350__section14933617154810">Remotely Logging In to an ECS from a Local Server</a>.</li></ul>
</div></div>
<p id="SecurityGroup_0003__p14738751115618"><a href="#SecurityGroup_0003__table493045171919">Table 1</a> describes the default rules for the default security group.</p>

8
docs/vpc/umn/SecurityGroup_0004.html
View File

@ -3,11 +3,11 @@
<h1 class="topictitle1">Fast-Adding Security Group Rules</h1>
<div id="body1529924415554"><div class="section" id="SecurityGroup_0004__section75471104513"><h4 class="sectiontitle">Scenarios</h4><p id="SecurityGroup_0004__p1185514308553">The fast-adding rule function of security groups allows you to quickly add rules with common ports and protocols for remote login, ping tests, common web services, and database services.</p>
</div>
<div class="section" id="SecurityGroup_0004__section5619104211210"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0004__ol193620537316"><li id="SecurityGroup_0004__li2849879021595">Log in to the management console.</li></ol><ol start="2" id="SecurityGroup_0004__ol1527262085715"><li id="SecurityGroup_0004__li11279102515716">Click <span><img id="SecurityGroup_0004__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0004__li65321958215">Click <span><img id="SecurityGroup_0004__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001675373905.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0004__b16700132282918"><span id="SecurityGroup_0004__text137001822112915">Network</span><span id="SecurityGroup_0004__text8700132217298"></span></strong> &gt; <strong id="SecurityGroup_0004__b070062213298">Virtual Private Cloud</strong>.<p id="SecurityGroup_0004__p1182103318256">The <strong id="SecurityGroup_0004__b317112962914">Virtual Private Cloud</strong> page is displayed.</p>
<div class="section" id="SecurityGroup_0004__section5619104211210"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0004__ol193620537316"><li id="SecurityGroup_0004__li2849879021595">Log in to the management console.</li></ol><ol start="2" id="SecurityGroup_0004__ol1527262085715"><li id="SecurityGroup_0004__li11279102515716">Click <span><img id="SecurityGroup_0004__en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0004__li65321958215">Click <span><img id="SecurityGroup_0004__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001818982858.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0004__b16700132282918"><span id="SecurityGroup_0004__text137001822112915">Network</span><span id="SecurityGroup_0004__text8700132217298"></span></strong> &gt; <strong id="SecurityGroup_0004__b070062213298">Virtual Private Cloud</strong>.<p id="SecurityGroup_0004__p1182103318256">The <strong id="SecurityGroup_0004__b317112962914">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="SecurityGroup_0004__li18692101019111">In the navigation pane on the left, choose <strong id="SecurityGroup_0004__b73192488916">Access Control</strong> &gt; <strong id="SecurityGroup_0004__b131914485916">Security Groups</strong>.<p id="SecurityGroup_0004__p40747164518">The security group list is displayed.</p>
</li><li id="SecurityGroup_0004__li107071926124612">Locate the row that contains the target security group and click <strong id="SecurityGroup_0004__b126239513917">Manage Rule</strong> in the <strong id="SecurityGroup_0004__b1062355118920">Operation</strong> column.<p id="SecurityGroup_0004__p7920227204615">The page for configuring security group rules is displayed.</p>
</li><li id="SecurityGroup_0004__li1063572655813">On the <strong id="SecurityGroup_0004__b144791401105">Inbound Rules</strong> tab, click <strong id="SecurityGroup_0004__b1547914017109">Fast-Add Rule</strong>.<p id="SecurityGroup_0004__p1442168204914">The <strong id="SecurityGroup_0004__b3732142121018">Fast-Add Inbound Rule</strong> dialog box is displayed.</p>
</li><li id="SecurityGroup_0004__li468912151226">Configure required parameters.<div class="p" id="SecurityGroup_0004__p18991191312513"><a name="SecurityGroup_0004__li468912151226"></a><a name="li468912151226"></a><div class="fignone" id="SecurityGroup_0004__fig1127533152411"><span class="figcap"><b>Figure 1 </b>Fast-Add Inbound Rule</span><br><span><img id="SecurityGroup_0004__image427617310248" src="en-us_image_0211552164.png"></span></div>
</li><li id="SecurityGroup_0004__li468912151226">Configure required parameters.<div class="p" id="SecurityGroup_0004__p18991191312513"><a name="SecurityGroup_0004__li468912151226"></a><a name="li468912151226"></a><div class="fignone" id="SecurityGroup_0004__fig1127533152411"><span class="figcap"><b>Figure 1 </b>Fast-Add Inbound Rule</span><br><span><img id="SecurityGroup_0004__image427617310248" src="en-us_image_0000001818823074.png"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0004__table111445216564" width="90%" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Inbound rule parameter description</caption><thead align="left"><tr id="SecurityGroup_0004__row1811565205613"><th align="left" class="cellrowborder" valign="top" width="12.7%" id="mcps1.3.2.3.6.1.2.2.4.1.1"><p id="SecurityGroup_0004__p51151452125620">Parameter</p>
</th>
@ -56,7 +56,7 @@
</div>
</li><li id="SecurityGroup_0004__li17702418175013">Click <strong id="SecurityGroup_0004__b8881259141016">OK</strong>.<p id="SecurityGroup_0004__p58147211519">The inbound rule list is displayed and you can view your added rule.</p>
</li><li id="SecurityGroup_0004__li117291459204218">On the <strong id="SecurityGroup_0004__b19622071118">Outbound Rules</strong> tab, click <strong id="SecurityGroup_0004__b962157101112">Fast-Add Rule</strong>.<p id="SecurityGroup_0004__p1964712134312">The <strong id="SecurityGroup_0004__b05251122191119">Fast-Add Outbound Rule</strong> dialog box is displayed.</p>
</li><li id="SecurityGroup_0004__li5604143282711">Configure required parameters.<div class="p" id="SecurityGroup_0004__p383322519611"><a name="SecurityGroup_0004__li5604143282711"></a><a name="li5604143282711"></a><div class="fignone" id="SecurityGroup_0004__fig164897019299"><span class="figcap"><b>Figure 2 </b>Fast-Add Outbound Rule</span><br><span><img id="SecurityGroup_0004__image1548970142912" src="en-us_image_0211560998.png"></span></div>
</li><li id="SecurityGroup_0004__li5604143282711">Configure required parameters.<div class="p" id="SecurityGroup_0004__p383322519611"><a name="SecurityGroup_0004__li5604143282711"></a><a name="li5604143282711"></a><div class="fignone" id="SecurityGroup_0004__fig164897019299"><span class="figcap"><b>Figure 2 </b>Fast-Add Outbound Rule</span><br><span><img id="SecurityGroup_0004__image1548970142912" src="en-us_image_0000001865582617.png"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0004__table0614192319232" width="90%" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Outbound rule parameter description</caption><thead align="left"><tr id="SecurityGroup_0004__row19614623202312"><th align="left" class="cellrowborder" valign="top" width="12.34%" id="mcps1.3.2.3.9.1.2.2.4.1.1"><p id="SecurityGroup_0004__p361592319230">Parameter</p>
</th>
@ -108,7 +108,7 @@
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0013.html">Managing Security Group Rules</a></div>
</div>
</div>

6
docs/vpc/umn/SecurityGroup_0005.html
View File

@ -1,7 +1,7 @@
<a name="SecurityGroup_0005"></a><a name="SecurityGroup_0005"></a>
<h1 class="topictitle1">Allowing Common Ports with A Few Clicks</h1>
<div id="body0000001646960360"><div class="section" id="SecurityGroup_0005__section111711223183718"><h4 class="sectiontitle">Scenarios</h4><div class="p" id="SecurityGroup_0005__p57971737163513">You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:<ul id="SecurityGroup_0005__ul5362904812"><li id="SecurityGroup_0005__en-us_topic_0013748715_li123617917487">Remotely log in to ECSs.</li><li id="SecurityGroup_0005__en-us_topic_0013748715_li792741712487">Use the ping command to test ECS connectivity.</li><li id="SecurityGroup_0005__en-us_topic_0013748715_li64071030164815">ECSs functioning as web servers provide website access services.</li></ul>
<div id="body0000001646960360"><div class="section" id="SecurityGroup_0005__section111711223183718"><h4 class="sectiontitle">Scenarios</h4><div class="p" id="SecurityGroup_0005__p57971737163513">You can configure a security group to allow common ports with a few clicks. This function is suitable for the following scenarios:<ul id="SecurityGroup_0005__ul5362904812"><li id="SecurityGroup_0005__en-us_topic_0118534004_li123617917487">Remotely log in to ECSs.</li><li id="SecurityGroup_0005__en-us_topic_0118534004_li792741712487">Use the ping command to test ECS connectivity.</li><li id="SecurityGroup_0005__en-us_topic_0118534004_li64071030164815">ECSs functioning as web servers provide website access services.</li></ul>
</div>
<p id="SecurityGroup_0005__p192717293514"><a href="#SecurityGroup_0005__table117828131111">Table 1</a> describes the common ports that can be opened with a few clicks.</p>
@ -74,7 +74,7 @@
</table>
</div>
</div>
<div class="section" id="SecurityGroup_0005__section423982018414"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0005__ol15905193312412"><li id="SecurityGroup_0005__li2849879021595">Log in to the management console.</li><li id="SecurityGroup_0005__li840318282158">Click <span><img id="SecurityGroup_0005__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0005__li65321958215">Click <span><img id="SecurityGroup_0005__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001646961692.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0005__b284311813542"><span id="SecurityGroup_0005__en-us_topic_0013748738_text47511547154412">Network</span><span id="SecurityGroup_0005__en-us_topic_0013748738_text1275116474447"></span></strong> &gt; <strong id="SecurityGroup_0005__b2844131819543">Virtual Private Cloud</strong>.<p id="SecurityGroup_0005__p1182103318256">The <strong id="SecurityGroup_0005__b168701256435">Virtual Private Cloud</strong> page is displayed.</p>
<div class="section" id="SecurityGroup_0005__section423982018414"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0005__ol15905193312412"><li id="SecurityGroup_0005__li2849879021595">Log in to the management console.</li><li id="SecurityGroup_0005__li840318282158">Click <span><img id="SecurityGroup_0005__en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0005__li65321958215">Click <span><img id="SecurityGroup_0005__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001818823186.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0005__b284311813542"><span id="SecurityGroup_0005__en-us_topic_0118498850_text47511547154412">Network</span><span id="SecurityGroup_0005__en-us_topic_0118498850_text1275116474447"></span></strong> &gt; <strong id="SecurityGroup_0005__b2844131819543">Virtual Private Cloud</strong>.<p id="SecurityGroup_0005__p1182103318256">The <strong id="SecurityGroup_0005__b168701256435">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="SecurityGroup_0005__li2907103354114">In the navigation pane on the left, choose <strong id="SecurityGroup_0005__b1135517222317">Access Control</strong> &gt; <strong id="SecurityGroup_0005__b935511219239">Security Groups</strong>.<p id="SecurityGroup_0005__p78331733204216">The security group list is displayed.</p>
</li><li id="SecurityGroup_0005__li10508153994513">In the security group list, click the name of the security group.<p id="SecurityGroup_0005__p100911194312"><a name="SecurityGroup_0005__li10508153994513"></a><a name="li10508153994513"></a>The security group details page is displayed.</p>
</li><li id="SecurityGroup_0005__li1431513481421">Click the <strong id="SecurityGroup_0005__b950016236251">Inbound Rules</strong> or <strong id="SecurityGroup_0005__b584482513257">Outbound Rules</strong> tab, and then click <strong id="SecurityGroup_0005__b12854174602517">Allow Common Ports</strong>.<p id="SecurityGroup_0005__p025894789">The <strong id="SecurityGroup_0005__b78045152611">Allow Common Ports</strong> page is displayed.</p>
@ -84,7 +84,7 @@
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0013.html">Managing Security Group Rules</a></div>
</div>
</div>

14
docs/vpc/umn/SecurityGroup_0006.html
View File

@ -3,18 +3,18 @@
<h1 class="topictitle1">Changing the Security Group of an ECS</h1>
<div id="body1529924417030"><div class="section" id="SecurityGroup_0006__section181956227265"><h4 class="sectiontitle">Scenarios</h4><p id="SecurityGroup_0006__p95671820182813">Change the security group associated with an ECS NIC.</p>
</div>
<div class="section" id="SecurityGroup_0006__section451235718918"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0006__en-us_topic_0093492517_ol146871568377"><li id="SecurityGroup_0006__en-us_topic_0093492517_li3490190117228">Log in to the management console.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li1168746173718">Click <span><img id="SecurityGroup_0006__en-us_topic_0093492517_image1791178433153215" src="en-us_image_0093507575.png"></span> in the upper left corner and select your region and project.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li206871564372">Under <strong id="SecurityGroup_0006__en-us_topic_0093492517_b1338816073816"><span id="SecurityGroup_0006__en-us_topic_0093492517_text13387501380">Computing</span></strong>, click <strong id="SecurityGroup_0006__en-us_topic_0093492517_b938818033811">Elastic Cloud Server</strong>.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li6688267371">In the ECS list, locate the row that contains the target ECS. Click <strong id="SecurityGroup_0006__en-us_topic_0093492517_b3965144994119">More</strong> in the <strong id="SecurityGroup_0006__en-us_topic_0093492517_b179661449174112">Operation</strong> column and select <strong id="SecurityGroup_0006__en-us_topic_0093492517_b14966174913419">Manage Network</strong> &gt; <strong id="SecurityGroup_0006__en-us_topic_0093492517_b19967749134120">Change Security Group</strong>.<p id="SecurityGroup_0006__en-us_topic_0093492517_p968836143718">The <strong id="SecurityGroup_0006__en-us_topic_0093492517_b842352706162949">Change Security Group</strong> dialog box is displayed.</p>
<div class="fignone" id="SecurityGroup_0006__en-us_topic_0093492517_fig1673733486"><span class="figcap"><b>Figure 1 </b>Change Security Group</span><br><span><img id="SecurityGroup_0006__en-us_topic_0093492517_image96888152276" src="en-us_image_0162733894.png"></span></div>
</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li14114175682518">Select the target NIC and security groups.<p id="SecurityGroup_0006__en-us_topic_0093492517_p1615510191262"><a name="SecurityGroup_0006__en-us_topic_0093492517_li14114175682518"></a><a name="en-us_topic_0093492517_li14114175682518"></a>You can select multiple security groups. In such a case, the rules of all the selected security groups will be aggregated to apply on the <span id="SecurityGroup_0006__en-us_topic_0093492517_text10680201271119">ECS</span>.</p>
<p id="SecurityGroup_0006__en-us_topic_0093492517_p1669712426182">To create a security group, click <strong id="SecurityGroup_0006__en-us_topic_0093492517_b1291994117114">Create Security Group</strong>.</p>
<div class="note" id="SecurityGroup_0006__en-us_topic_0093492517_note4690867375"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="SecurityGroup_0006__en-us_topic_0093492517_p3691176143719">Using multiple security groups may deteriorate <span id="SecurityGroup_0006__en-us_topic_0093492517_text127881839154216">ECS</span> network performance. You are suggested to select no more than five security groups.</p>
<div class="section" id="SecurityGroup_0006__section451235718918"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0006__en-us_topic_0093492517_ol146871568377"><li id="SecurityGroup_0006__en-us_topic_0093492517_li3490190117228">Log in to the management console.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li1168746173718">Click <span><img id="SecurityGroup_0006__en-us_topic_0093492517_image268756153719" src="en-us_image_0000001818823030.png"></span> in the upper left corner and select your region and project.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li206871564372">Click <span><img id="SecurityGroup_0006__image16742151417237" src="en-us_image_0000001865662757.jpg"></span> and choose <span id="SecurityGroup_0006__en-us_topic_0093492517_text418319413327"><strong id="SecurityGroup_0006__b20725205512418">Computing</strong></span> &gt; <strong id="SecurityGroup_0006__b127431014142317">Elastic Cloud Server</strong>.</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li6688267371">In the <span id="SecurityGroup_0006__en-us_topic_0093492517_text45363507231">ECS</span> list, choose <strong id="SecurityGroup_0006__b10639418693">More</strong> &gt; <strong id="SecurityGroup_0006__b1393533220253">Manage Network</strong> &gt; <strong id="SecurityGroup_0006__b950719410105">Change Security Group</strong> in the <strong id="SecurityGroup_0006__b696318441197">Operation</strong> column.<p id="SecurityGroup_0006__en-us_topic_0093492517_p968836143718">The <strong id="SecurityGroup_0006__b154917146275129">Change Security Group</strong> dialog box is displayed.</p>
<div class="fignone" id="SecurityGroup_0006__en-us_topic_0093492517_fig1673733486"><span class="figcap"><b>Figure 1 </b>Changing a security group</span><br><span><img id="SecurityGroup_0006__en-us_topic_0093492517_image96888152276" src="en-us_image_0000001865662753.png"></span></div>
</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li14114175682518">Select the target NIC and security groups.<p id="SecurityGroup_0006__en-us_topic_0093492517_p1615510191262"><a name="SecurityGroup_0006__en-us_topic_0093492517_li14114175682518"></a><a name="en-us_topic_0093492517_li14114175682518"></a>You can select multiple security groups. In such a case, the access rules of all the selected security groups apply to the ECS.</p>
<p id="SecurityGroup_0006__en-us_topic_0093492517_p1669712426182">To create a security group, click <strong id="SecurityGroup_0006__b173764201875129">Create Security Group</strong>.</p>
<div class="note" id="SecurityGroup_0006__en-us_topic_0093492517_note4690867375"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><p id="SecurityGroup_0006__en-us_topic_0093492517_p3691176143719">Using multiple security groups may deteriorate ECS network performance. We recommend that you associate no more than five security groups with each ECS.</p>
</div></div>
</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li1969136193711">Click <strong id="SecurityGroup_0006__en-us_topic_0093492517_b842352706165945">OK</strong>.</li></ol>
</li><li id="SecurityGroup_0006__en-us_topic_0093492517_li1969136193711">Click <strong id="SecurityGroup_0006__b1557690599">OK</strong>.</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0014.html">Managing Instances Associated with a Security Group</a></div>
</div>
</div>

6
docs/vpc/umn/SecurityGroup_0017.html
View File

@ -4,7 +4,7 @@
<div id="body1532510613760"><div class="section" id="SecurityGroup_0017__section1284185020245"><h4 class="sectiontitle">Scenarios</h4><div class="p" id="SecurityGroup_0017__p5231151693518">When you create an instance, the system automatically adds the instance to a security group for protection.<ul id="SecurityGroup_0017__ul12247447191919"><li id="SecurityGroup_0017__li424764717199">If one security group cannot meet your requirements, you can add an instance to multiple security groups.</li><li id="SecurityGroup_0017__li1043520521190">An instance must be added to at least one security group. If you want to change the security group for an instance, you can add the instance to a new security group and then remove the instance from the original security group.</li></ul>
</div>
</div>
<div class="section" id="SecurityGroup_0017__section7737145418298"><h4 class="sectiontitle">Adding an Instance to a Security Group</h4><ol id="SecurityGroup_0017__ol1527262085715"><li id="SecurityGroup_0017__li2849879021595">Log in to the management console.</li><li id="SecurityGroup_0017__li19707181319510">Click <span><img id="SecurityGroup_0017__en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0017__li65321958215">Click <span><img id="SecurityGroup_0017__en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001627054058.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0017__b19991723143713"><span id="SecurityGroup_0017__text399162313377">Network</span><span id="SecurityGroup_0017__text13991132319370"></span></strong> &gt; <strong id="SecurityGroup_0017__b11991323183715">Virtual Private Cloud</strong>.<p id="SecurityGroup_0017__p1182103318256">The <strong id="SecurityGroup_0017__b0884173153715">Virtual Private Cloud</strong> page is displayed.</p>
<div class="section" id="SecurityGroup_0017__section7737145418298"><h4 class="sectiontitle">Adding an Instance to a Security Group</h4><ol id="SecurityGroup_0017__ol1527262085715"><li id="SecurityGroup_0017__li2849879021595">Log in to the management console.</li><li id="SecurityGroup_0017__li19707181319510">Click <span><img id="SecurityGroup_0017__en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0017__li65321958215">Click <span><img id="SecurityGroup_0017__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001818982974.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0017__b19991723143713"><span id="SecurityGroup_0017__text399162313377">Network</span><span id="SecurityGroup_0017__text13991132319370"></span></strong> &gt; <strong id="SecurityGroup_0017__b11991323183715">Virtual Private Cloud</strong>.<p id="SecurityGroup_0017__p1182103318256">The <strong id="SecurityGroup_0017__b0884173153715">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="SecurityGroup_0017__li1955416211482">In the navigation pane on the left, choose <strong id="SecurityGroup_0017__b39573448339">Access Control</strong> &gt; <strong id="SecurityGroup_0017__b2095710448331">Security Groups</strong>.<p id="SecurityGroup_0017__p78331733204216">The security group list is displayed.</p>
</li><li id="SecurityGroup_0017__li61193616483">In the security group list, locate the row that contains the security group and click <strong id="SecurityGroup_0017__b771214521337">Manage Instances</strong> in the <strong id="SecurityGroup_0017__b1871355243310">Operation</strong> column.<p id="SecurityGroup_0017__p100911194312">The <strong id="SecurityGroup_0017__b12887181919406">Associated Instances</strong> tab is displayed.</p>
</li><li id="SecurityGroup_0017__li17819483234">Click an instance type.<p id="SecurityGroup_0017__p212255420232"><a name="SecurityGroup_0017__li17819483234"></a><a name="li17819483234"></a>The following operations use <strong id="SecurityGroup_0017__b955634924019">Servers</strong> as an example.</p>
@ -12,7 +12,7 @@
</li><li id="SecurityGroup_0017__li1411153214246">In the server list, select one or more servers and click OK to add them to the current security group.</li></ol>
</div>
<div class="section" id="SecurityGroup_0017__section147074331319"><h4 class="sectiontitle">Removing an Instance from a Security Group</h4><p id="SecurityGroup_0017__p16615356142514">An instance must be added to at least one security group. If you want to remove an instance from a security group, the instance must be associated with at least two security groups now.</p>
<ol id="SecurityGroup_0017__ol2708193318119"><li id="SecurityGroup_0017__li8955159354">Log in to the management console.</li><li id="SecurityGroup_0017__li1770913314115">Click <span><img id="SecurityGroup_0017__en-us_topic_0013748726_image338921514480_1" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0017__li5766141316458">Click <span><img id="SecurityGroup_0017__image10766141319453" src="en-us_image_0000001626734162.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0017__b090413613712"><span id="SecurityGroup_0017__text390493653717">Network</span><span id="SecurityGroup_0017__text20904193603712"></span></strong> &gt; <strong id="SecurityGroup_0017__b16904183616376">Virtual Private Cloud</strong>.<p id="SecurityGroup_0017__p11767191320456">The <strong id="SecurityGroup_0017__b19977114263710">Virtual Private Cloud</strong> page is displayed.</p>
<ol id="SecurityGroup_0017__ol2708193318119"><li id="SecurityGroup_0017__li8955159354">Log in to the management console.</li><li id="SecurityGroup_0017__li1770913314115">Click <span><img id="SecurityGroup_0017__image476994749" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0017__li5766141316458">Click <span><img id="SecurityGroup_0017__image10766141319453" src="en-us_image_0000001865582721.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0017__b090413613712"><span id="SecurityGroup_0017__text390493653717">Network</span><span id="SecurityGroup_0017__text20904193603712"></span></strong> &gt; <strong id="SecurityGroup_0017__b16904183616376">Virtual Private Cloud</strong>.<p id="SecurityGroup_0017__p11767191320456">The <strong id="SecurityGroup_0017__b19977114263710">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="SecurityGroup_0017__li155681561266">In the navigation pane on the left, choose <strong id="SecurityGroup_0017__b126787217514">Access Control</strong> &gt; <strong id="SecurityGroup_0017__b1867810275116">Security Groups</strong>.<p id="SecurityGroup_0017__p55684565264">The security group list is displayed.</p>
</li><li id="SecurityGroup_0017__li1456875612268">In the security group list, locate the row that contains the security group and click <strong id="SecurityGroup_0017__b14637153616516">Manage Instances</strong> in the <strong id="SecurityGroup_0017__b5638183635118">Operation</strong> column.<p id="SecurityGroup_0017__p756895615261">The <strong id="SecurityGroup_0017__b18614184817515">Associated Instances</strong> tab is displayed.</p>
</li><li id="SecurityGroup_0017__li056825618262">Click an instance type.<p id="SecurityGroup_0017__p1856875682612"><a name="SecurityGroup_0017__li056825618262"></a><a name="li056825618262"></a>The following operations use <strong id="SecurityGroup_0017__b3583185165217">Servers</strong> as an example.</p>
@ -24,7 +24,7 @@
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0014.html">Managing Instances Associated with a Security Group</a></div>
</div>
</div>

12
docs/vpc/umn/acl_0001.html
View File

@ -3,10 +3,14 @@
<h1 class="topictitle1"><span id="text15411215417">Firewall</span><span id="text741121516120"></span> Overview</h1>
<div id="body1544424023306"><p id="acl_0001__p13781551490">A <span id="acl_0001__text11248715171311">firewall</span><span id="acl_0001__text45551720134"></span> is an optional layer of security for your subnets. After you associate one or more subnets with a <span id="acl_0001__text13717202713198">firewall</span><span id="acl_0001__text2717122731911"></span>, you can control traffic in and out of the subnets.</p>
<p id="acl_0001__p8060118"><a href="#acl_0001__fig9582182315479">Figure 1</a> shows how a firewall works.</p>
<div class="fignone" id="acl_0001__fig9582182315479"><a name="acl_0001__fig9582182315479"></a><a name="fig9582182315479"></a><span class="figcap"><b>Figure 1 </b>Security groups and firewalls</span><br><span><img class="eddx" id="acl_0001__en-us_topic_0052003963_image048361820309" src="en-us_image_0000001699135873.png"></span></div>
<div class="fignone" id="acl_0001__fig9582182315479"><a name="acl_0001__fig9582182315479"></a><a name="fig9582182315479"></a><span class="figcap"><b>Figure 1 </b>Security groups and firewalls</span><br><span><img class="eddx" id="acl_0001__en-us_topic_0118534001_image048361820309" src="en-us_image_0000001818982946.png"></span></div>
<p id="acl_0001__p668217610324">Similar to security groups, <span id="acl_0001__text127138429139">firewall</span><span id="acl_0001__text6713942101313"></span>s control access to subnets and add an additional layer of defense to your subnets. Security groups only have the "allow" rules, but <span id="acl_0001__text3310185011135">firewall</span><span id="acl_0001__text12310115051319"></span>s have both "allow" and "deny" rules. You can use <span id="acl_0001__text1554161716440">firewall</span><span id="acl_0001__text19555817144413"></span>s together with security groups to implement comprehensive and fine-grained access control. </p>
<p id="acl_0001__p6398184124212"><a href="en-us_topic_0052003963.html">Differences Between Security Groups and Firewalls</a> summarizes the basic differences between security groups and <span id="acl_0001__text137415412138">firewall</span><span id="acl_0001__text4374125421314"></span>s.</p>
<div class="section" id="acl_0001__section1952742625114"><h4 class="sectiontitle"><span id="acl_0001__text16549171719105">Firewall</span><span id="acl_0001__text215101619277"></span> Basics</h4><ul id="acl_0001__ul16670101419510"><li id="acl_0001__li1767091455112">Your VPC does not come with a <span id="acl_0001__text1681559201318">firewall</span><span id="acl_0001__text1481195921318"></span>, but you can create a <span id="acl_0001__text193132025161912">firewall</span><span id="acl_0001__text131517252195"></span> and associate it with a VPC subnet if required. By default, each <span id="acl_0001__text17139141019144">firewall</span><span id="acl_0001__text1313941001416"></span> denies all inbound traffic to and outbound traffic from the associated subnet until you add rules.</li><li id="acl_0001__li9670101412519">You can associate a <span id="acl_0001__text129685145149">firewall</span><span id="acl_0001__text16968514181411"></span> with multiple subnets. However, a subnet can only be associated with one <span id="acl_0001__text1922420915259">firewall</span><span id="acl_0001__text12259912252"></span> at a time.</li><li id="acl_0001__li1670714145119">Each newly created <span id="acl_0001__text138342217143">firewall</span><span id="acl_0001__text1183132212149"></span> is in the <strong id="acl_0001__b0772925121511">Inactive</strong> state until you associate subnets with it.</li></ul>
<div class="section" id="acl_0001__section1952742625114"><h4 class="sectiontitle"><span id="acl_0001__text16549171719105">Firewall</span><span id="acl_0001__text215101619277"></span> Basics</h4><ul id="acl_0001__ul16670101419510"><li id="acl_0001__li1767091455112">Your VPC does not come with a <span id="acl_0001__text1681559201318">firewall</span><span id="acl_0001__text1481195921318"></span>, but you can create a <span id="acl_0001__text193132025161912">firewall</span><span id="acl_0001__text131517252195"></span> and associate it with a VPC subnet if required. By default, each <span id="acl_0001__text17139141019144">firewall</span><span id="acl_0001__text1313941001416"></span> denies all inbound traffic to and outbound traffic from the associated subnet until you add rules.</li><li id="acl_0001__li9670101412519">You can associate a <span id="acl_0001__text129685145149">firewall</span><span id="acl_0001__text16968514181411"></span> with multiple subnets. However, a subnet can only be associated with one <span id="acl_0001__text1922420915259">firewall</span><span id="acl_0001__text12259912252"></span> at a time.</li><li id="acl_0001__li1670714145119">Each newly created <span id="acl_0001__text138342217143">firewall</span><span id="acl_0001__text1183132212149"></span> is in the <strong id="acl_0001__b0772925121511">Inactive</strong> state until you associate subnets with it.</li><li id="acl_0001__li122989913316"><span id="acl_0001__en-us_topic_0118499057_text1288374394312">Firewall</span><span id="acl_0001__en-us_topic_0118499057_text168841343174317"></span>s use connection tracking to track traffic to and from instances. Changes to inbound and outbound rules do not take effect immediately for the existing traffic.<p id="acl_0001__en-us_topic_0118499057_p12584634185913">If you add, modify, or delete a <span id="acl_0001__en-us_topic_0118499057_text7584193414598">firewall</span><span id="acl_0001__en-us_topic_0118499057_text16584434165917"></span> rule, or associate or disassociate a subnet with or from a <span id="acl_0001__en-us_topic_0118499057_text8878017134511">firewall</span><span id="acl_0001__en-us_topic_0118499057_text17879101734516"></span>, all the inbound and outbound persistent connections will not be disconnected. New rules will only be applied for the new connections.</p>
</li></ul>
<div class="notice" id="acl_0001__note191885121325"><span class="noticetitle"><img src="public_sys-resources/notice_3.0-en-us.png"> </span><div class="noticebody"><p id="acl_0001__en-us_topic_0118499057_p982720180553">After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will apply when the timeout period (30s) expires.</p>
<ul id="acl_0001__en-us_topic_0118499057_ul0719132175510"><li id="acl_0001__en-us_topic_0118499057_li31956209554">The timeout period of connection tracking varies by protocol. The timeout period of a TCP connection in the established state is 600s, and that of an ICMP connection is 30s. For other protocols, if packets are received in both inbound and outbound directions, the connection tracking timeout period is 180s. If packets are received only in one direction, the connection tracking timeout period is 30s.</li><li id="acl_0001__en-us_topic_0118499057_li131754585612">The timeout period of TCP connections varies by connection status. The timeout period of a TCP connection in the established state is 600s, and that of a TCP connection in the FIN-WAIT state is 30s.</li></ul>
</div></div>
</div>
<div class="section" id="acl_0001__section99541345213"><a name="acl_0001__section99541345213"></a><a name="section99541345213"></a><h4 class="sectiontitle">Default <span id="acl_0001__text17811727151018">Firewall</span><span id="acl_0001__text96061321162714"></span> Rules</h4><p id="acl_0001__p1767071405116">By default, each <span id="acl_0001__text28540545146">firewall</span><span id="acl_0001__text12854205411419"></span> has preset rules that allow the following packets:</p>
<ul id="acl_0001__ul116891923175218"><li id="acl_0001__li4671121410513">Packets whose source and destination are in the same subnet.</li><li id="acl_0001__li20671101455117">Broadcast packets with the destination 255.255.255.255/32, which is used to configure host startup information.</li><li id="acl_0001__li867110142516">Multicast packets with the destination 224.0.0.0/24, which is used by routing protocols.</li><li id="acl_0001__li1067121414513">Metadata packets with the destination 169.254.169.254/32 and TCP port number 80, which is used to obtain metadata.</li><li id="acl_0001__li166902023175218">Packets from CIDR blocks that are reserved for public services (for example, packets with the destination 100.125.0.0/16).</li><li id="acl_0001__li11670914165110">A <span id="acl_0001__text13558171917362">firewall</span><span id="acl_0001__text1755991943617"></span> denies all traffic in and out of a subnet excepting the preceding packets. <a href="#acl_0001__table1034601475112">Table 1</a> shows the default rules. You cannot modify or delete the default rules.
@ -61,7 +65,7 @@
</div>
</li></ul>
</div>
<div class="section" id="acl_0001__section74125695419"><h4 class="sectiontitle">Rule Priorities</h4><ul id="acl_0001__ul2671914175111"><li id="acl_0001__li290111810455">Each <span id="acl_0001__text18509112231513">firewall</span><span id="acl_0001__text1950962261517"></span> rule has a priority value where a smaller value corresponds to a higher priority. Any time two rules conflict, the rule with the higher priority is the one that gets applied. The rule whose priority value is an asterisk (*) has the lowest priority.</li><li id="acl_0001__li167117146513">If multiple <span id="acl_0001__text2596102581517">firewall</span><span id="acl_0001__text15596102571513"></span> rules conflict, only the rule with the highest priority takes effect. If you need a rule to take effect before or after a specific rule, you can insert that rule before or after the specific rule.</li></ul>
<div class="section" id="acl_0001__section74125695419"><h4 class="sectiontitle">How Traffic Matches <span id="acl_0001__text1373134095410">Firewall</span><span id="acl_0001__text1573194085414"></span> Rules</h4><ul id="acl_0001__ul2671914175111"><li id="acl_0001__li290111810455">Each <span id="acl_0001__text18509112231513">firewall</span><span id="acl_0001__text1950962261517"></span> rule has a priority value where a smaller value corresponds to a higher priority. Any time two rules conflict, the rule with the higher priority is the one that gets applied. The rule whose priority value is an asterisk (*) has the lowest priority.</li><li id="acl_0001__li167117146513">If multiple <span id="acl_0001__text2596102581517">firewall</span><span id="acl_0001__text15596102571513"></span> rules conflict, only the rule with the highest priority takes effect. If you need a rule to take effect before or after a specific rule, you can insert that rule before or after the specific rule.</li></ul>
</div>
<div class="section" id="acl_0001__section1864416226298"><h4 class="sectiontitle">Application Scenarios</h4><ul id="acl_0001__ul107461633193215"><li id="acl_0001__li174611336324">If the application layer needs to provide services for users, traffic must be allowed to reach the application layer from all IP addresses. However, you also need to prevent illegal access from malicious users.<p id="acl_0001__p75381836122820"><a name="acl_0001__li174611336324"></a><a name="li174611336324"></a>Solution: You can add <span id="acl_0001__text67171932111520">firewall</span><span id="acl_0001__text571818328153"></span> rules to deny access from suspect IP addresses.</p>
</li><li id="acl_0001__li18386203923318">How can I isolate ports with identified vulnerabilities? For example, how do I isolate port 445 that can be exploited by WannaCry worm?<p id="acl_0001__p1653983682815"><a name="acl_0001__li18386203923318"></a><a name="li18386203923318"></a>Solution: You can add <span id="acl_0001__text18921336191512">firewall</span><span id="acl_0001__text1292173681512"></span> rules to deny access traffic from a specific port and protocol, for example, TCP port 445.</p>
@ -70,7 +74,7 @@
</li></ul>
</div>
<div class="section" id="acl_0001__section14396131910515"><h4 class="sectiontitle">Configuration Procedure</h4><p id="acl_0001__p10538937853"><a href="#acl_0001__fig1643183218163">Figure 2</a> shows the procedure for configuring a <span id="acl_0001__text599516189168">firewall</span><span id="acl_0001__text599512187168"></span>.</p>
<div class="fignone" id="acl_0001__fig1643183218163"><a name="acl_0001__fig1643183218163"></a><a name="fig1643183218163"></a><span class="figcap"><b>Figure 2 </b><span id="acl_0001__text668616281164">firewall</span><span id="acl_0001__text06861728121612"></span> configuration procedure</span><br><span><img class="vsd" id="acl_0001__image49772046165815" src="en-us_image_0162335382.png"></span></div>
<div class="fignone" id="acl_0001__fig1643183218163"><a name="acl_0001__fig1643183218163"></a><a name="fig1643183218163"></a><span class="figcap"><b>Figure 2 </b><span id="acl_0001__text668616281164">firewall</span><span id="acl_0001__text06861728121612"></span> configuration procedure</span><br><span><img class="vsd" id="acl_0001__image49772046165815" src="en-us_image_0000001818982962.png"></span></div>
<ol id="acl_0001__ol64961250174814"><li id="acl_0001__li1849614505486">Create a <span id="acl_0001__text71827337167">firewall</span><span id="acl_0001__text7183173318168"></span> by following the steps described in <a href="en-us_topic_0051746698.html">Creating a Firewall</a>.</li><li id="acl_0001__li1518417537486">Add <span id="acl_0001__text593833511166">firewall</span><span id="acl_0001__text9938635141617"></span> rules by following the steps described in <a href="en-us_topic_0051746702.html">Adding a Firewall Rule</a>.</li><li id="acl_0001__li2758155517484">Associate subnets with the <span id="acl_0001__text4742139191618">firewall</span><span id="acl_0001__text4742173951610"></span> by following the steps described in <a href="en-us_topic_0051746700.html">Associating Subnets with a Firewall</a>. After subnets are associated with the <span id="acl_0001__text64553435162">firewall</span><span id="acl_0001__text045594311612"></span>, the subnets will be protected by the configured <span id="acl_0001__text13398324163514">firewall</span><span id="acl_0001__text20400182493515"></span> rules.</li></ol>
</div>
<div class="section" id="acl_0001__section28487131277"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="acl_0001__ul4835849194111"><li id="acl_0001__li9945175894218">By default, each account can have up to 200 <span id="acl_0001__text1128221665812">firewall</span><span id="acl_0001__text02838165587"></span>s in a region.</li><li id="acl_0001__li20790333175612">A <span id="acl_0001__text9494437195619">firewall</span><span id="acl_0001__text164943373568"></span> can contain no more than 20 rules in one direction, or performance will deteriorate.</li></ul>

2
docs/vpc/umn/acl_0002.html
View File

@ -1,6 +1,6 @@
<a name="acl_0002"></a><a name="acl_0002"></a>
<h1 class="topictitle1"><span id="text562655823311">Firewall</span><span id="text9626185816332"></span> Configuration Examples</h1>
<h1 class="topictitle1"><span id="text16414121073416">Firewall</span><span id="text541415104349"></span> Configuration Examples</h1>
<div id="body1544424023306"><p id="acl_0002__p1822014275313">This section provides examples for configuring <span id="acl_0002__text11248715171311">firewall</span><span id="acl_0002__text45551720134"></span>s.</p>
<ul id="acl_0002__ul7360923145515"><li id="acl_0002__li3360102315515"><a href="#acl_0002__section11312173319432">Denying Access from a Specific Port</a></li><li id="acl_0002__li17814142865511"><a href="#acl_0002__section61291659102216">Allowing Access from Specific Ports and Protocols</a></li></ul>
<div class="section" id="acl_0002__section11312173319432"><a name="acl_0002__section11312173319432"></a><a name="section11312173319432"></a><h4 class="sectiontitle">Denying Access from a Specific Port</h4><p id="acl_0002__p37592398439">You might want to block TCP port 445 to protect against the WannaCry ransomware attacks. You can add a <span id="acl_0002__text171730540162">firewall</span><span id="acl_0002__text6173105416168"></span> rule to deny all incoming traffic from TCP port 445.</p>

2
docs/vpc/umn/eip_0003.html
View File

@ -3,7 +3,7 @@
<h1 class="topictitle1">Exporting EIP Information</h1>
<div id="body8662426"><div class="section" id="eip_0003__en-us_topic_0233468221_section50407262175221"><h4 class="sectiontitle">Scenarios</h4><p id="eip_0003__en-us_topic_0233468221_p61429748175232">The information of all EIPs under your account can be exported in an Excel file to a local directory. The file records the ID, status, type, bandwidth name, and bandwidth size of EIPs.</p>
</div>
<div class="section" id="eip_0003__en-us_topic_0233468221_section8755447183137"><h4 class="sectiontitle">Procedure</h4><ol id="eip_0003__en-us_topic_0233468221_ol53102723183146"><li id="eip_0003__en-us_topic_0233468221_li31781684183146">Log in to the management console.</li><li id="eip_0003__en-us_topic_0233468221_li840318282158">Click <span><img id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748726_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="eip_0003__en-us_topic_0233468221_li548302634415">Click <span><img id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748738_image8750174734412" src="en-us_image_0000001454059512.png"></span> in the upper left corner and choose <strong id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748738_b29211533144914"><span id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748738_text47511547154412">Network</span><span id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748738_text1275116474447"></span></strong> &gt; <strong id="eip_0003__en-us_topic_0233468221_en-us_topic_0013748738_b15921153318493">Elastic IP</strong>.</li><li id="eip_0003__en-us_topic_0233468221_li27041584183239">On the displayed page, click <span><img id="eip_0003__en-us_topic_0233468221_image658923131016" src="en-us_image_0233469196.png"></span> in the upper right corner of the EIP list.<p id="eip_0003__en-us_topic_0233468221_p4335838818357">The system will automatically export all EIPs in the current region of your account to an Excel file and download the file to a local directory.</p>
<div class="section" id="eip_0003__en-us_topic_0233468221_section8755447183137"><h4 class="sectiontitle">Procedure</h4><ol id="eip_0003__en-us_topic_0233468221_ol53102723183146"><li id="eip_0003__en-us_topic_0233468221_li31781684183146">Log in to the management console.</li><li id="eip_0003__en-us_topic_0233468221_li840318282158">Click <span><img id="eip_0003__en-us_topic_0233468221_en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="eip_0003__en-us_topic_0233468221_li548302634415">Click <span><img id="eip_0003__image81906989185433" src="en-us_image_0000001649841616.png"></span> in the upper left corner, and choose <span id="eip_0003__en-us_topic_0233468221_en-us_topic_0118498850_text47511547154412"><strong id="eip_0003__b18444724888">Network</strong></span><span id="eip_0003__en-us_topic_0233468221_en-us_topic_0118498850_text1275116474447"></span> &gt; <span id="eip_0003__en-us_topic_0233468221_en-us_topic_0118498850_text1075194744412"></span><span id="eip_0003__en-us_topic_0233468221_en-us_topic_0118498850_text1075114473445"><strong id="eip_0003__b55411101994">Elastic IP</strong></span>.</li><li id="eip_0003__en-us_topic_0233468221_li7741101914197">On the <span id="eip_0003__en-us_topic_0233468221_text874201919191"></span><span id="eip_0003__en-us_topic_0233468221_text18742119191911">EIP</span> list page, select one or more EIPs and click <strong id="eip_0003__b53622958885433">Export</strong> in the upper left corner.<p id="eip_0003__en-us_topic_0233468221_p6742219111913">The system will automatically export all EIPs to an Excel file and download the file to a local directory.</p>
</li></ol>
</div>
</div>

BIN
docs/vpc/umn/en-us_image_0000001197228903.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
docs/vpc/umn/en-us_image_0000001211006359.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 49 KiB

BIN
docs/vpc/umn/en-us_image_0000001211445065.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 31 KiB

BIN
docs/vpc/umn/en-us_image_0000001540725521.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 17 KiB

BIN
docs/vpc/umn/en-us_image_0000001627493158.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 8.5 KiB

BIN
docs/vpc/umn/en-us_image_0000001627653972.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 8.5 KiB

0
docs/vpc/umn/en-us_image_0000001454059512.png → docs/vpc/umn/en-us_image_0000001649841616.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001490118666.png → docs/vpc/umn/en-us_image_0000001818822962.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0162332046.png → docs/vpc/umn/en-us_image_0000001818823006.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 8.4 KiB

After

Width:  |  Height:  |  Size: 8.4 KiB

0
docs/vpc/umn/en-us_image_0000001678437642.png → docs/vpc/umn/en-us_image_0000001818823010.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 38 KiB

After

Width:  |  Height:  |  Size: 38 KiB

0
docs/vpc/umn/en-us_image_0000001221790501.png → docs/vpc/umn/en-us_image_0000001818823030.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1004 B

After

Width:  |  Height:  |  Size: 1004 B

0
docs/vpc/umn/en-us_image_0000001117669274.png → docs/vpc/umn/en-us_image_0000001818823034.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 42 KiB

After

Width:  |  Height:  |  Size: 42 KiB

0
docs/vpc/umn/en-us_image_0142359884.png → docs/vpc/umn/en-us_image_0000001818823038.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 327 B

After

Width:  |  Height:  |  Size: 327 B

0
docs/vpc/umn/en-us_image_0209583952.png → docs/vpc/umn/en-us_image_0000001818823042.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 18 KiB

After

Width:  |  Height:  |  Size: 18 KiB

0
docs/vpc/umn/en-us_image_0000001221842468.png → docs/vpc/umn/en-us_image_0000001818823050.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 377 B

After

Width:  |  Height:  |  Size: 377 B

0
docs/vpc/umn/en-us_image_0000001520717193.png → docs/vpc/umn/en-us_image_0000001818823058.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0211552164.png → docs/vpc/umn/en-us_image_0000001818823074.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 22 KiB

0
docs/vpc/umn/en-us_image_0000001572300492.png → docs/vpc/umn/en-us_image_0000001818823082.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001208260576.png → docs/vpc/umn/en-us_image_0000001818823110.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 56 KiB

After

Width:  |  Height:  |  Size: 56 KiB

0
docs/vpc/umn/en-us_image_0000001209442636.png → docs/vpc/umn/en-us_image_0000001818823118.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 32 KiB

After

Width:  |  Height:  |  Size: 32 KiB

0
docs/vpc/umn/en-us_image_0000001237013856.png → docs/vpc/umn/en-us_image_0000001818823138.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 13 KiB

After

Width:  |  Height:  |  Size: 13 KiB

0
docs/vpc/umn/en-us_image_0000001179761510.png → docs/vpc/umn/en-us_image_0000001818823142.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 22 KiB

After

Width:  |  Height:  |  Size: 22 KiB

0
docs/vpc/umn/en-us_image_0000001626574358.png → docs/vpc/umn/en-us_image_0000001818823162.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001626574362.png → docs/vpc/umn/en-us_image_0000001818823166.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001626574366.png → docs/vpc/umn/en-us_image_0000001818823186.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001515644737.png → docs/vpc/umn/en-us_image_0000001818823194.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 1004 B

After

Width:  |  Height:  |  Size: 1004 B

0
docs/vpc/umn/en-us_image_0000001626574370.png → docs/vpc/umn/en-us_image_0000001818823210.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0214585341.png → docs/vpc/umn/en-us_image_0000001818823214.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 4.5 KiB

After

Width:  |  Height:  |  Size: 4.5 KiB

0
docs/vpc/umn/en-us_image_0000001626575750.png → docs/vpc/umn/en-us_image_0000001818823254.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

BIN
docs/vpc/umn/en-us_image_0000001818823258.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 16 KiB

0
docs/vpc/umn/en-us_image_0000001626576382.png → docs/vpc/umn/en-us_image_0000001818823270.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0214585309.png → docs/vpc/umn/en-us_image_0000001818823278.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 11 KiB

After

Width:  |  Height:  |  Size: 11 KiB

0
docs/vpc/umn/en-us_image_0000001626576858.png → docs/vpc/umn/en-us_image_0000001818823286.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0000001626578706.png → docs/vpc/umn/en-us_image_0000001818823302.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 128 B

After

Width:  |  Height:  |  Size: 128 B

0
docs/vpc/umn/en-us_image_0129304042.png → docs/vpc/umn/en-us_image_0000001818823318.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 12 KiB

After

Width:  |  Height:  |  Size: 12 KiB

Some files were not shown because too many files have changed in this diff Show More