diff --git a/umn/source/_static/images/en-us_image_0000001818823258.png b/umn/source/_static/images/en-us_image_0000001818823258.png deleted file mode 100644 index a3ec979..0000000 Binary files a/umn/source/_static/images/en-us_image_0000001818823258.png and /dev/null differ diff --git a/umn/source/_static/images/en-us_image_0000001818983038.png b/umn/source/_static/images/en-us_image_0000001818983038.png deleted file mode 100644 index d6154ba..0000000 Binary files a/umn/source/_static/images/en-us_image_0000001818983038.png and /dev/null differ diff --git a/umn/source/_static/images/en-us_image_0000001865582789.png b/umn/source/_static/images/en-us_image_0000001865582789.png new file mode 100644 index 0000000..92cd504 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865582789.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865582793.png b/umn/source/_static/images/en-us_image_0000001865582793.png new file mode 100644 index 0000000..0587b67 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865582793.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865662813.png b/umn/source/_static/images/en-us_image_0000001865662813.png new file mode 100644 index 0000000..9c32482 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865662813.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865674836.png b/umn/source/_static/images/en-us_image_0000001865674836.png new file mode 100644 index 0000000..73149eb Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865674836.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865684752.png b/umn/source/_static/images/en-us_image_0000001865684752.png new file mode 100644 index 0000000..fed32d8 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865684752.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865828728.png b/umn/source/_static/images/en-us_image_0000001865828728.png new file mode 100644 index 0000000..e308d67 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865828728.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865833004.png b/umn/source/_static/images/en-us_image_0000001865833004.png new file mode 100644 index 0000000..d67dfd8 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865833004.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865837676.png b/umn/source/_static/images/en-us_image_0000001865837676.png new file mode 100644 index 0000000..267f2de Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865837676.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865884494.png b/umn/source/_static/images/en-us_image_0000001865884494.png new file mode 100644 index 0000000..eaa0302 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865884494.png differ diff --git a/umn/source/_static/images/en-us_image_0000001865898552.png b/umn/source/_static/images/en-us_image_0000001865898552.png new file mode 100644 index 0000000..5aa7f83 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001865898552.png differ diff --git a/umn/source/_static/images/en-us_image_0000001866046474.png b/umn/source/_static/images/en-us_image_0000001866046474.png new file mode 100644 index 0000000..8bbd514 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001866046474.png differ diff --git a/umn/source/_static/images/en-us_image_0000001866063864.png b/umn/source/_static/images/en-us_image_0000001866063864.png new file mode 100644 index 0000000..51d37f5 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001866063864.png differ diff --git a/umn/source/_static/images/en-us_image_0000001911771617.png b/umn/source/_static/images/en-us_image_0000001911771617.png new file mode 100644 index 0000000..51d37f5 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001911771617.png differ diff --git a/umn/source/_static/images/en-us_image_0000001911842313.png b/umn/source/_static/images/en-us_image_0000001911842313.png new file mode 100644 index 0000000..a93b49a Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001911842313.png differ diff --git a/umn/source/_static/images/en-us_image_0000001911849797.png b/umn/source/_static/images/en-us_image_0000001911849797.png new file mode 100644 index 0000000..53e6dfa Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001911849797.png differ diff --git a/umn/source/_static/images/en-us_image_0000001911853289.png b/umn/source/_static/images/en-us_image_0000001911853289.png new file mode 100644 index 0000000..e2ad780 Binary files /dev/null and b/umn/source/_static/images/en-us_image_0000001911853289.png differ diff --git a/umn/source/access_control/firewall/managing_firewalls/viewing_a_firewall.rst b/umn/source/access_control/firewall/managing_firewalls/viewing_a_firewall.rst index cc23223..946272d 100644 --- a/umn/source/access_control/firewall/managing_firewalls/viewing_a_firewall.rst +++ b/umn/source/access_control/firewall/managing_firewalls/viewing_a_firewall.rst @@ -27,5 +27,11 @@ Procedure 6. On the displayed page, click the **Inbound Rules**, **Outbound Rules**, and **Associated Subnets** tabs one by one to view details about inbound rules, outbound rules, and subnet associations. + + .. figure:: /_static/images/en-us_image_0000001865684752.png + :alt: **Figure 1** Viewing a firewall + + **Figure 1** Viewing a firewall + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865662773.png diff --git a/umn/source/access_control/security_group/managing_a_security_group/creating_a_security_group.rst b/umn/source/access_control/security_group/managing_a_security_group/creating_a_security_group.rst index 159865a..85f7fe4 100644 --- a/umn/source/access_control/security_group/managing_a_security_group/creating_a_security_group.rst +++ b/umn/source/access_control/security_group/managing_a_security_group/creating_a_security_group.rst @@ -14,6 +14,61 @@ If your instances have different Internet access requirements, you can allocate Each ECS must be associated with at least one security group. If you do not have a security group when creating an ECS, the system provides a default security group. +Security Group Templates +------------------------ + +The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. :ref:`Table 1 ` describes the security group templates. + +.. _en-us_topic_0013748715__table117828131111: + +.. table:: **Table 1** Security group templates + + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Template | Direction | Protocol/Port/Type | Source/Destination | Description | Application Scenario | + +============================+===========+==========================+====================+===================================================================================================================================+============================================================================================================================================================================================================================+ + | General-purpose web server | Inbound | TCP: 22 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs. | - Remotely log in to ECSs. | + | | | | | | - Use the ping command to test ECS connectivity. | + | | | | | | - ECSs functioning as web servers provide website access services. | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 3389 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 80 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 443 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | ICMP: All (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | All ports open | Inbound | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | Opening all ECS ports in a security group poses security risks. | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | All (IPv4) | 0.0.0.0/0 | Allows all IP addresses to access ECSs in the security group over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Fast-add rule | Inbound | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | You can select protocols and ports that the inbound rule will apply to. | + | | | | | | | + | | | All (IPv6) | | | If you do not select any protocols and ports, no protocols and ports will be opened. After the security group is created, add required rules by referring to :ref:`Adding a Security Group Rule `. | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | Custom port and protocol | 0.0.0.0/0 | Allows all IP addresses to access ECSs in a security group over specified ports (TCP or ICMP) for different purposes. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | ::/0 | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + Notes and Constraints --------------------- @@ -48,41 +103,39 @@ Procedure **Figure 1** Create Security Group - .. table:: **Table 1** Parameter description + .. table:: **Table 2** Parameter description - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Parameter | Description | Example Value | - +=======================+=======================================================================================================================================================================================================================================================================+============================+ - | Name | Mandatory | sg-AB | - | | | | - | | Enter the security group name. | | - | | | | - | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | - | | | | - | | .. note:: | | - | | | | - | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Enterprise Project | Mandatory | default | - | | | | - | | When creating a security group, you can add the security group to an enabled enterprise project. | | - | | | | - | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Template | Mandatory | General-purpose web server | - | | | | - | | A template comes with default security group rules, helping you quickly create security groups. The following templates are provided: | | - | | | | - | | - **Custom**: This template allows you to create security groups with custom security group rules. | | - | | - **General-purpose web server** (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389. | | - | | - **All ports open**: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Description | Optional | N/A | - | | | | - | | Supplementary information about the security group. This parameter is optional. | | - | | | | - | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Parameter | Description | Example Value | + +=======================+================================================================================================================================================================================================================================+============================+ + | Name | Mandatory | sg-AB | + | | | | + | | Enter the security group name. | | + | | | | + | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | + | | | | + | | .. note:: | | + | | | | + | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Enterprise Project | Mandatory | default | + | | | | + | | When creating a security group, you can add the security group to an enabled enterprise project. | | + | | | | + | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Template | Mandatory | General-purpose web server | + | | | | + | | The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. | | + | | | | + | | :ref:`Table 1 ` describes the security group templates. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Description | Optional | N/A | + | | | | + | | Supplementary information about the security group. This parameter is optional. | | + | | | | + | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ #. Confirm the inbound and outbound rules of the template and click **OK**. diff --git a/umn/source/access_control/security_group/managing_instances_associated_with_a_security_group/viewing_the_security_group_of_an_ecs.rst b/umn/source/access_control/security_group/managing_instances_associated_with_a_security_group/viewing_the_security_group_of_an_ecs.rst index 7a4af4d..f27cd52 100644 --- a/umn/source/access_control/security_group/managing_instances_associated_with_a_security_group/viewing_the_security_group_of_an_ecs.rst +++ b/umn/source/access_control/security_group/managing_instances_associated_with_a_security_group/viewing_the_security_group_of_an_ecs.rst @@ -29,5 +29,11 @@ Procedure You can view the security groups associated with the ECS and the inbound and outbound rules. + + .. figure:: /_static/images/en-us_image_0000001911842313.png + :alt: **Figure 1** View the security group of an ECS + + **Figure 1** View the security group of an ECS + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001818982866.png diff --git a/umn/source/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.rst b/umn/source/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.rst index 678c639..9a88e67 100644 --- a/umn/source/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.rst +++ b/umn/source/access_control/security_group/managing_security_group_rules/adding_a_security_group_rule.rst @@ -71,36 +71,36 @@ Procedure .. table:: **Table 1** Inbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | - | | | | - | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + | | | | + | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. @@ -122,34 +122,34 @@ Procedure .. table:: **Table 2** Outbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. diff --git a/umn/source/access_control/security_group/managing_security_group_rules/deleting_a_security_group_rule.rst b/umn/source/access_control/security_group/managing_security_group_rules/deleting_a_security_group_rule.rst index 82e7710..7da34a1 100644 --- a/umn/source/access_control/security_group/managing_security_group_rules/deleting_a_security_group_rule.rst +++ b/umn/source/access_control/security_group/managing_security_group_rules/deleting_a_security_group_rule.rst @@ -13,10 +13,7 @@ If your security group rule is no longer required, you can delete it. Notes and Constraints --------------------- -Security group rules use whitelists. Deleting a security group rule may result in ECS access failures. Security group rules work as follows: - -- Inbound rule: If an inbound request matches the source in an inbound security group rule with **Action** set to **Allow**, the request is allowed. -- Outbound rule: If the destination of an outbound security group rule with **Action** set to **Allow** is 0.0.0.0/0, all outbound requests are allowed. +Security group rules use whitelists. Deleting a security group rule may result in ECS access failures. Procedure --------- diff --git a/umn/source/access_control/security_group/managing_security_group_rules/fast-adding_security_group_rules.rst b/umn/source/access_control/security_group/managing_security_group_rules/fast-adding_security_group_rules.rst index 728565d..9b754de 100644 --- a/umn/source/access_control/security_group/managing_security_group_rules/fast-adding_security_group_rules.rst +++ b/umn/source/access_control/security_group/managing_security_group_rules/fast-adding_security_group_rules.rst @@ -43,34 +43,33 @@ Procedure .. table:: **Table 1** Inbound rule parameter description - +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+====================================================================================================================================================================================================+=======================+ - | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | - | | | | - | | - Remote login and ping | | - | | - Web services | | - | | - Databases | | - +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Source | Source of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access from IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | - | | | | - | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | - | | - xxx.xxx.xxx.0/24 (IPv4 address range) | | - | | - 0.0.0.0/0 (all IPv4 addresses) | | - | | - sg-abc (security group) | | - | | - IP address group: ipGroup-test | | - | | | | - | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | - +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | (Optional) Supplementary information about the security group rule. | ``-`` | - | | | | - | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+==============================================================================================================================================================================+=======================+ + | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | + | | | | + | | - Remote login and ping | | + | | - Web services | | + | | - Databases | | + +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | + | | | | + | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | + | | - xxx.xxx.xxx.0/24 (IPv4 address range) | | + | | - 0.0.0.0/0 (all IPv4 addresses) | | + | | - sg-abc (security group) | | + | | | | + | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | + +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | (Optional) Supplementary information about the security group rule. | ``-`` | + | | | | + | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ 8. Click **OK**. @@ -90,32 +89,31 @@ Procedure .. table:: **Table 2** Outbound rule parameter description - +-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+=======================================================================================================================================================================================================+=======================+ - | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | - | | | | - | | - Remote login and ping | | - | | - Web services | | - | | - Databases | | - +-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Destination | Destination of the security group rule. The value can be an IP address, an IP address group, or a security group to allow access to IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | - | | | | - | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | - | | - xxx.xxx.xxx.0/24 (IPv4 address range) | | - | | - 0.0.0.0/0 (all IPv4 addresses) | | - | | - sg-abc (security group) | | - | | - IP address group: ipGroup-test | | - +-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | (Optional) Supplementary information about the security group rule. | ``-`` | - | | | | - | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+=================================================================================================================================================================================+=======================+ + | Protocols and Ports | Common protocols and ports are provided for: | SSH (22) | + | | | | + | | - Remote login and ping | | + | | - Web services | | + | | - Databases | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. You can specify: | 0.0.0.0/0 | + | | | | + | | - xxx.xxx.xxx.xxx/32 (IPv4 address) | | + | | - xxx.xxx.xxx.0/24 (IPv4 address range) | | + | | - 0.0.0.0/0 (all IPv4 addresses) | | + | | - sg-abc (security group) | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | (Optional) Supplementary information about the security group rule. | ``-`` | + | | | | + | | The description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ 11. Click **OK**. diff --git a/umn/source/access_control/security_group/managing_security_group_rules/importing_and_exporting_security_group_rules.rst b/umn/source/access_control/security_group/managing_security_group_rules/importing_and_exporting_security_group_rules.rst index 473c545..640c9d5 100644 --- a/umn/source/access_control/security_group/managing_security_group_rules/importing_and_exporting_security_group_rules.rst +++ b/umn/source/access_control/security_group/managing_security_group_rules/importing_and_exporting_security_group_rules.rst @@ -19,6 +19,8 @@ Notes and Constraints - The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail. - Duplicate rules are not allowed, you can delete the rule and try again. +- If you want to import rules of the security group in one region to another under one account, only rules with both **Source** and **Destination** set to **IP address** can be applied. +- If you want to import rules of the security group in one account to the security group in another account, only rules with both **Source** and **Destination** set to **IP address** can be applied. Procedure --------- @@ -51,42 +53,41 @@ Procedure .. table:: **Table 1** Template parameters - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Parameter | Description | Example Value | - +=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+====================================+ - | Direction | The direction in which the security group rule takes effect. | Inbound | - | | | | - | | - **Inbound**: Inbound rules control incoming traffic to instances in the security group. | | - | | - **Outbound**: Outbound rules control outgoing traffic from instances in the security group. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | sg-test[96a8a93f-XXX-d7872990c314] | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | - | | - **IP address group**: The source is an IP address group. An IP address group is a collection of one or more IP addresses. You can select an available IP address group from the drop-down list. An IP address group can help you manage IP address ranges and IP addresses with same security requirements in a more simple way. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | sg-test[96a8a93f-XXX-d7872990c314] | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ - | Description | (Optional) Supplementary information about the security group rule. | ``-`` | - | | | | - | | The route description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+====================================+ + | Direction | The direction in which the security group rule takes effect. | Inbound | + | | | | + | | - **Inbound**: Inbound rules control incoming traffic to instances in the security group. | | + | | - **Outbound**: Outbound rules control outgoing traffic from instances in the security group. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | sg-test[96a8a93f-XXX-d7872990c314] | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | sg-test[96a8a93f-XXX-d7872990c314] | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ + | Description | (Optional) Supplementary information about the security group rule. | ``-`` | + | | | | + | | The route description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------------------+ .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865582585.png diff --git a/umn/source/access_control/security_group/security_groups_and_security_group_rules.rst b/umn/source/access_control/security_group/security_groups_and_security_group_rules.rst index 2599b51..94be088 100644 --- a/umn/source/access_control/security_group/security_groups_and_security_group_rules.rst +++ b/umn/source/access_control/security_group/security_groups_and_security_group_rules.rst @@ -26,7 +26,7 @@ Security Group Basics .. important:: - After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will apply when the timeout period (30s) expires. + After a persistent connection is disconnected, new connections will not be established immediately until the timeout period of connection tracking expires. For example, after an ICMP persistent connection is disconnected, a new connection will be established and a new rule will be applied when the timeout period (30s) expires. - The timeout period of connection tracking varies by protocol. The timeout period of a TCP connection in the established state is 600s, and that of an ICMP connection is 30s. For other protocols, if packets are received in both inbound and outbound directions, the connection tracking timeout period is 180s. If packets are received only in one direction, the connection tracking timeout period is 30s. - The timeout period of TCP connections varies by connection status. The timeout period of a TCP connection in the established state is 600s, and that of a TCP connection in the FIN-WAIT state is 30s. @@ -40,46 +40,42 @@ A security group has inbound and outbound rules to control traffic that's allowe .. table:: **Table 1** Security group rule information - +-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Parameter | Description | - +===================================+=====================================================================================================================================================================================================================================+ - | Protocol | The network protocol used to match traffic in a security group rule. Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | - +-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Port | Destination port used to match traffic in a security group rule. The value can be from 1 to 65535. | - | | | - | | - Inbound rules control incoming traffic over specific ports to instances in the security group. | - | | - Outbound rules control outgoing traffic over specific ports from instances in the security group. | - +-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Source (Inbound) | The source in an inbound rule is used to match the IP address or address range of an external request. The source can be: | - | | | - | | - IP address: | - | | | - | | - Example IPv4 address: 192.168.10.10/32 | - | | - Example IPv6 address: 2002:50::44/128 | - | | - Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0 | - | | - Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0 | - | | | - | | - Security group: You can select another security group in the same region under the current account as the source. | - | | | - | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Source** set to security group B, access from instance B is allowed to instance A. | - | | | - | | - IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the source to help you manage them in a more simple way. | - +-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ - | Destination (Outbound) | The destination in an outbound rule is used to match the IP address or address range of an internal request. The destination can be: | - | | | - | | - IP address: | - | | | - | | - Example IPv4 address: 192.168.10.10/32 | - | | - Example IPv6 address: 2002:50::44/128 | - | | - Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0 | - | | - Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0 | - | | | - | | - Security group: You can select another security group in the same region under the current account as the destination. | - | | | - | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Destination** set to security group B, access from instance A is allowed to instance B. | - | | | - | | - IP address group: If you have multiple IP address ranges and IP addresses with same security requirements, add them to an IP address group and select the group as the destination to help you manage them in a more simple way. | - +-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Parameter | Description | + +===================================+========================================================================================================================================================================================================================+ + | Protocol | The network protocol used to match traffic in a security group rule. Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | + +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Port | Destination port used to match traffic in a security group rule. The value can be from 1 to 65535. | + | | | + | | - Inbound rules control incoming traffic over specific ports to instances in the security group. | + | | - Outbound rules control outgoing traffic over specific ports from instances in the security group. | + +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Source (Inbound) | The source in an inbound rule is used to match the IP address or address range of an external request. The source can be: | + | | | + | | - IP address: | + | | | + | | - Example IPv4 address: 192.168.10.10/32 | + | | - Example IPv6 address: 2002:50::44/128 | + | | - Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0 | + | | - Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0 | + | | | + | | - Security group: You can select another security group in the same region under the current account as the source. | + | | | + | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Source** set to security group B, access from instance B is allowed to instance A. | + +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Destination (Outbound) | The destination in an outbound rule is used to match the IP address or address range of an internal request. The destination can be: | + | | | + | | - IP address: | + | | | + | | - Example IPv4 address: 192.168.10.10/32 | + | | - Example IPv6 address: 2002:50::44/128 | + | | - Example IPv4 address range: 192.168.52.0/24 All IPv4 addresses: 0.0.0.0/0 | + | | - Example IPv6 address range: 2407:c080:802:469::/64 All IPv6 addresses: ::/0 | + | | | + | | - Security group: You can select another security group in the same region under the current account as the destination. | + | | | + | | For example, instance A is in security group A and instance B is in security group B. If security group A has a rule with **Destination** set to security group B, access from instance A is allowed to instance B. | + +-----------------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ Like whitelists, security group rules work as follows: @@ -130,6 +126,31 @@ Like whitelists, security group rules work as follows: You can use :ref:`VPC peering connections ` to connect VPCs in different regions. +Security Group Configuration Process +------------------------------------ + + +.. figure:: /_static/images/en-us_image_0000001865662813.png + :alt: **Figure 1** Security group configuration process + + **Figure 1** Security group configuration process + +.. table:: **Table 3** Security group configuration process description + + +-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ + | No. | Step | Description | Reference | + +=================+======================================+======================================================================================================================================================================================================================================================================+=================================================================================================+ + | 1 | Create a security group. | When creating a security group, you can select a template, such **General-purpose web server** or **All ports open**. A template contains preset security group rules. For details, see :ref:`Security group templates `. | :ref:`Creating a Security Group ` | + +-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ + | 2 | Configure security group rules. | After a security group is created, if its rules cannot meet your service requirements, you can add new rules to the security group or modify original rules. | :ref:`Adding a Security Group Rule ` | + | | | | | + | | | | :ref:`Fast-Adding Security Group Rules ` | + +-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ + | 3 | Add instances to the security group. | When you create an instance, the system automatically adds the instance to a security group for protection. | :ref:`Adding an Instance to or Removing an Instance from a Security Group ` | + | | | | | + | | | If one security group cannot meet your requirements, you can add an instance to multiple security groups. | | + +-----------------+--------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-------------------------------------------------------------------------------------------------+ + Security Group Constraints -------------------------- diff --git a/umn/source/change_history.rst b/umn/source/change_history.rst index 51c3419..76eea13 100644 --- a/umn/source/change_history.rst +++ b/umn/source/change_history.rst @@ -5,713 +5,739 @@ Change History ============== -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| Released On | Description | -+===================================+=================================================================================================================================================================================================================================================================================================================================================+ -| 2024-04-16 | This release incorporates the following changes: | -| | | -| | - Modified the procedure for changing the CIDR block of a VPC in :ref:`Modifying a VPC `. | -| | - Updated the Table 1 application scenarios of IPv4/IPv6 dual stack in :ref:`IPv4 and IPv6 Dual-Stack Network `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-03-27 | This release incorporates the following changes: | -| | | -| | - Changed **VPCReadOnlyAccess** and **VPCFullAccess** into **VPC ReadOnlyAccess** and **VPC FullAccess**. | -| | - Modified the subnet description in :ref:`Subnet `. | -| | - Deleted parameter **Fast-add rule** in :ref:`Creating a Security Group `. | -| | - Added the description indicating that if the secondary IPv4 CIDR block function is available in a region, the CIDR block of a VPC in this region cannot be modified through the console in :ref:`Modifying a VPC ` and :ref:`Adding a Secondary IPv4 CIDR Block to a VPC `. | -| | - Added the procedure for exporting the list of shared bandwidths in :ref:`Exporting Shared Bandwidths `. | -| | - Modified the operation procedure and figures in :ref:`Adding EIPs to a Shared Bandwidth ` and :ref:`Removing EIPs from a Shared Bandwidth `. | -| | - Modified the procedure for exporting the resource list in :ref:`Exporting VPC List `, :ref:`Exporting Subnet List `, :ref:`Importing and Exporting Security Group Rules `, :ref:`Exporting EIP Information `, and :ref:`Exporting Route Table Information `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-02-29 | This release incorporates the following changes: | -| | | -| | - Deleted parameter **Destination Address** in :ref:`Creating a Custom Route Table `, :ref:`Adding a Custom Route `, and :ref:`Modifying a Route `. | -| | - Deleted the descriptions about IP address groups in :ref:`Adding a Firewall Rule ` and :ref:`Modifying a Firewall Rule `. | -| | - Modified the subnet description in :ref:`Subnet `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-02-18 | This release incorporates the following changes: | -| | | -| | Added :ref:`What Are the Differences Between 5_bgp, 5_mailbgp, and 5_gray EIPs? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-02-02 | This release incorporates the following changes: | -| | | -| | Modified figures in :ref:`Creating a Custom Route Table ` and :ref:`Adding a Custom Route `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-01-16 | This release incorporates the following changes: | -| | | -| | Modified the figure for creating a subnet in :ref:`Creating a Subnet for the VPC `, :ref:`Step 2: Create a Subnet for the VPC `, and :ref:`Step 2: Create a Subnet for the VPC `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2024-01-02 | This release incorporates the following changes: | -| | | -| | Modified the parameter descriptions in sections :ref:`Adding a Security Group Rule ` and :ref:`Adding a Firewall Rule `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-12-19 | This release incorporates the following changes: | -| | | -| | - Added screenshots in :ref:`How Do I Configure a Security Group for Multi-Channel Protocols? ` | -| | - Modified the table in :ref:`Why Can't I Delete My VPCs and Subnets? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-12-18 | This release incorporates the following changes: | -| | | -| | Added IPv6-related content. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-12-12 | This release incorporates the following changes: | -| | | -| | Added descriptions about security group and IP address group as source or destination in :ref:`Adding a Security Group Rule `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-11-30 | This release incorporates the following changes: | -| | | -| | Added descriptions about IP address groups as source and destination in :ref:`Adding a Firewall Rule `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-11-14 | This release incorporates the following changes: | -| | | -| | Added the following content: | -| | | -| | Added description about allowing common ports with a few clicks in :ref:`Allowing Common Ports with A Few Clicks `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-10-10 | This release incorporates the following changes: | -| | | -| | - Added the figure for configuring route tables in :ref:`Route Table `. | -| | - Modified :ref:`Step 4: Add a Security Group Rule `. | -| | | -| | - Changed the location of parameter **Type**. | -| | - Added protocol **GRE**. | -| | | -| | - Modified :ref:`Step 5: Add a Security Group Rule ` and :ref:`Adding a Security Group Rule `. | -| | | -| | - Added description that each ECS must be associated with at least one security group. | -| | - Modified description about port. | -| | - Changed the location of parameter **Type**. | -| | - Added protocol **GRE**. | -| | | -| | - Added the function of adding multiple tags for search in :ref:`Managing VPC Tags `. | -| | - Added figures and modified steps in :ref:`Viewing and Deleting Resources in a Subnet `. | -| | - Modified :ref:`Security Groups and Security Group Rules `. | -| | | -| | - Added protocol **GRE** and deleted content about **Action**. | -| | - Modified description about security group sg-AB. | -| | - Added description about security group configuration. | -| | - Added support for IPv6. | -| | | -| | - Changed the section name in :ref:`Default Security Group and Its Rules `. | -| | - Optimized description in :ref:`Creating a Security Group `. | -| | - Modified the figure and added parameter **Type** in :ref:`Fast-Adding Security Group Rules `. | -| | - Modified notes and constraints in :ref:`Importing and Exporting Security Group Rules `. | -| | - Added description about the maximum number of security groups that can be created in :ref:`Creating a Firewall `. | -| | - Modified figures and parameter settings in :ref:`Adding a Firewall Rule `. | -| | - Added the route table quota in notes and constraints in :ref:`Creating a Custom Route Table `. | -| | - Added constraints on the maximum number of routes that can be added to a route table in :ref:`Adding a Custom Route `. | -| | - Modified :ref:`Creating a VPC Peering Connection with Another VPC in Your Account `. | -| | | -| | - Added description that you need to add routes to the route tables of the local and peer VPCs after creating a VPC peering connection. | -| | - Added parameter **Description** for creating a VPC peering connection. | -| | | -| | - Added parameter **Description** for creating a VPC peering connection in :ref:`Creating a VPC Peering Connection with a VPC in Another Account `. | -| | | -| | - Added description about the maximum number of flow log records that can be recorded in :ref:`VPC Flow Log Overview `. | -| | - Modified the section name and scenarios in :ref:`Disabling Source and Destination Check (HA Load Balancing Cluster Scenario) `. | -| | - Modified the verification procedure in :ref:`Creating a User and Granting VPC Permissions `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-09-08 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | - Optimized description in :ref:`Step 4: Add a Security Group Rule `. | -| | - Optimized the procedure for verifying IAM permissions in :ref:`Creating a User and Granting VPC Permissions `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-07-18 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Added description about enabling shared SNAT using an API in :ref:`Shared SNAT `. | -| | | -| | Security group | -| | | -| | Firewall | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-06-12 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Added description about viewing monitoring metrics in :ref:`Viewing Metrics `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-05-26 | This release incorporates the following changes: | -| | | -| | Added the following content: | -| | | -| | Added information about cloning a security group in :ref:`Cloning a Security Group `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-05-17 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Modified the procedure for viewing monitoring metrics in :ref:`Viewing Metrics `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-04-28 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Modified the links of sections "Binding an EIP" and "Unbinding an EIP" in :ref:`Assigning an EIP and Binding It to an ECS ` and :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-04-20 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | - Added description that BMS user-defined network is available only in eu-de. | -| | - Added the step for viewing NIC details to :ref:`Disabling Source and Destination Check (HA Load Balancing Cluster Scenario) `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-02-15 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Modified links in :ref:`What Is Virtual Private Cloud? ` and :ref:`Can I Bind an EIP to Multiple ECSs? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2023-01-10 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Modified steps in :ref:`Subnet ` and :ref:`Elastic IP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-12-12 | This release incorporates the following changes: | -| | | -| | Updated the following content: | -| | | -| | Added description that EIPs of the Dedicated Load Balancer (5_gray) type cannot be created in :ref:`Step 3: Assign an EIP and Bind It to an ECS `, :ref:`Assigning an EIP and Binding It to an ECS `, and :ref:`Can I Bind an EIP to Multiple ECSs? `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-11-15 | This release incorporates the following changes: | -| | | -| | Added support for binding and unbinding EIPs of the Dedicated Load Balancer (5_gray) type using APIs in :ref:`Step 3: Assign an EIP and Bind It to an ECS `, :ref:`Assigning an EIP and Binding It to an ECS `, and :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-10-20 | Modified the following content: | -| | | -| | Modified the bandwidth range in :ref:`What Is the Bandwidth Size Range? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-09-07 | Added the following content: | -| | | -| | - Added description about binding EIPs of the dedicated load balancer **(5_gray)** type to load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added description about binding EIPs of the dedicated load balancer **(5_gray)** type to load balancers in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-06-25 | Added the following content: | -| | | -| | - Modified constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Modified constraints on EIP binding to load balancers in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2022-02-15 | Added the following content: | -| | | -| | - Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added description about the default reverse domain name of an EIP in \ :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS ` and :ref:`Adding EIPs to a Shared Bandwidth `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-08-25 | Modified the following content: | -| | | -| | Deleted content about IP address groups. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-06-18 | Modified the following content: | -| | | -| | Updated screenshots and deleted the **Bandwidth Type** parameter in :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-05-10 | Added the following content: | -| | | -| | Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-05-08 | Added the following content: | -| | | -| | - Added description about the default reverse domain name of an EIP in :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added description about modifying a dedicated bandwidth or shared bandwidth in :ref:`Modifying an EIP Bandwidth `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2021-03-16 | Added the following FAQ: | -| | | -| | - :ref:`What Bandwidth Types Are Available? ` | -| | - :ref:`What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-12-16 | This release incorporates the following changes: | -| | | -| | - Deleted the restriction on the number of ECS NICs for SNAT in :ref:`Are There Any Restrictions on Using a Route Table? ` | -| | - Added the procedure for binding a virtual IP address to an ECS in :ref:`Binding a Virtual IP Address to an EIP or ECS `. | -| | - Added description about enabling ports 465 and 587 for Mail BGP EIPs in :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Modified or added content in **Notes and Constraints**. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-07-28 | Modified the following content: | -| | | -| | Changed the maximum number of tags that can be added to 20 in :ref:`Managing VPC Tags ` and :ref:`Managing Subnet Tags `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-05-30 | Added the following content: | -| | | -| | Added basic information to :ref:`Security Groups and Security Group Rules ` and :ref:`Firewall Overview `. | -| | | -| | Modified the following content: | -| | | -| | - Added rules in :ref:`Firewall Configuration Examples `. | -| | - Modified :ref:`Does a Modified Security Group Rule or a Firewall Rule Take Effect Immediately for Existing Connections? ` | -| | - Modified :ref:`Why Can't I Delete My VPCs and Subnets? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-02-25 | Added the following content: | -| | | -| | - Added :ref:`Shared Bandwidth `. | -| | | -| | Modified the following content: | -| | | -| | - Modified steps in :ref:`Elastic IP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-02-12 | Added the following content: | -| | | -| | Added description that VPC flow logs support S2 ECSs in :ref:`VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-01-08 | Added the following content: | -| | | -| | - Added function and namespace description and optimized information in tables in :ref:`Supported Metrics `. | -| | - Added :ref:`Region and AZ `. | -| | - Added the example of allowing external access to a specified port in :ref:`Security Group Configuration Examples `. | -| | | -| | Modified the following content: | -| | | -| | - Added **Subnet** and **VPC** as the type of resources whose traffic is to be logged in :ref:`VPC Flow Log `. | -| | | -| | - Updated screenshots in :ref:`Adding a Security Group Rule ` and :ref:`Fast-Adding Security Group Rules `. | -| | - Optimized figure examples in this document. | -| | - Optimized descriptions in :ref:`Firewall Configuration Examples `. | -| | - Optimized descriptions in :ref:`Firewall Overview `. | -| | - Changed the position of :ref:`Access Control `. | -| | - Optimized :ref:`What Is a Quota? ` | -| | | -| | Deleted the following content: | -| | | -| | - Deleted section "Deleting a VPN". | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2020-03-06 | Modified the following content: | -| | | -| | - Modified the steps in :ref:`Assigning an EIP and Binding It to an ECS `, :ref:`Elastic IP `, and :ref:`Shared Bandwidth `. | -| | - Updated screenshots in :ref:`Modifying a Shared Bandwidth `. | -| | - Updated screenshots and parameter description in :ref:`Creating a Subnet for the VPC `. | -| | - Modified steps in :ref:`Assigning a Virtual IP Address `, :ref:`Binding a Virtual IP Address to an EIP or ECS `, and :ref:`Releasing a Virtual IP Address `. | -| | - Updated screenshots in :ref:`VPC Peering Connection `. | -| | - Modified description in :ref:`How Many Routes Can a Route Table Contain? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-12-13 | Added the following content: | -| | | -| | - Added restrictions on ports and port ranges in :ref:`Security Groups and Security Group Rules `. | -| | - Added description about IP address groups in :ref:`Importing and Exporting Security Group Rules `. | -| | - Added impacts caused by IP address group modification or deletion in "Managing an IP Address Group". | -| | | -| | Modified the following content: | -| | | -| | - Modified description and value examples of the port and source in :ref:`Step 4: Add a Security Group Rule ` and :ref:`Adding a Security Group Rule `. | -| | - Optimized note description in :ref:`Importing and Exporting Security Group Rules `. | -| | - Changed firewall to firewalls in :ref:`Creating a Firewall `. | -| | - Optimized description about the scenario in :ref:`Changing the Sequence of a Firewall Rule `. | -| | - Optimized description about the scenario in :ref:`Creating an Alarm Rule `. | -| | - Updated screenshots in :ref:`Adding a Security Group Rule ` and :ref:`Fast-Adding Security Group Rules `. | -| | - Optimized figure examples in this document. | -| | - Optimized descriptions in :ref:`Firewall Configuration Examples `. | -| | - Optimized descriptions in :ref:`Firewall Overview `. | -| | - Changed the position of :ref:`Access Control `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted section "Deleting a VPN". | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-11-29 | Added the following content: | -| | | -| | - Added section "IP Address Group". | -| | - Added port format and IP address group when configuring security group rules in :ref:`Adding a Security Group Rule `. | -| | - Added function and namespace description and optimized information in tables in :ref:`Supported Metrics `. | -| | - Added :ref:`Region and AZ `. | -| | | -| | Modified the following content: | -| | | -| | Optimized :ref:`What Is a Quota? ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-11-05 | Modified the following content: | -| | | -| | Added **Subnet** and **VPC** as the type of resources whose traffic is to be logged in :ref:`VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-08-30 | Added the following content: | -| | | -| | - Added the example of allowing external access to a specified port in :ref:`Security Group Configuration Examples `. | -| | - Added description that EIP type cannot be changed in :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-08-23 | Modified the following content: | -| | | -| | Optimized description about **NTP Server Address** in :ref:`Modifying a Subnet `. | -| | | -| | Added the following content: | -| | | -| | Added descriptions about route types in :ref:`Route Table `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-08-16 | Added the following content: | -| | | -| | Added :ref:`Exporting Route Table Information `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-08-09 | Added the following content: | -| | | -| | - Added parameters **Type** and **Bandwidth Type** to :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added description about how to replicate multiple routes in :ref:`Replicating a Route `. | -| | - Added the description about **Next Hop Type** in :ref:`Adding a Custom Route `. | -| | | -| | Modified the following content: | -| | | -| | - Modified description about **NTP Server Address** in :ref:`Modifying a Subnet `. | -| | - Modified description about replication in the "Default Route Table and Custom Route Table" part in :ref:`Route Tables and Routes `. | -| | - Modified descriptions about system routes and custom routes in :ref:`Route Tables and Routes `. | -| | - Modified description about usage restrictions in :ref:`Route Tables and Routes `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted parameter **Enterprise Project** from the document. | -| | - Deleted the Cloud Connect service from the "Default Route Table and Custom Route Table" part in :ref:`Route Tables and Routes `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-08-02 | Added the following content based on the RM-584 requirements: | -| | | -| | - Added subnet parameter description in :ref:`Modifying a Subnet `. | -| | | -| | Modified the following content based on the RM-584 requirements: | -| | | -| | - Added prerequisites in :ref:`Releasing a Virtual IP Address `. | -| | - Optimized description about scenarios and prerequisites in :ref:`Deleting a Subnet `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-07-22 | Added the following content: | -| | | -| | Added :ref:`Enabling or Disabling VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-06-04 | Optimized the description in the following sections: | -| | | -| | - :ref:`What Is an EIP? ` | -| | - :ref:`Step 2: Create a Subnet for the VPC ` | -| | - :ref:`Creating a Subnet for the VPC ` | -| | - :ref:`Route Table ` | -| | - :ref:`Virtual IP Address ` | -| | - :ref:`Virtual IP Address Overview ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-05-31 | Modified the following sections related to subnets and route tables based on the RM-584 requirements: | -| | | -| | - :ref:`Route Table ` | -| | - :ref:`Modifying a VPC ` | -| | - :ref:`Creating a Subnet for the VPC ` | -| | - :ref:`Modifying a Subnet ` | -| | - :ref:`Managing Subnet Tags ` | -| | - :ref:`Creating a VPC Peering Connection with Another VPC in Your Account ` | -| | - :ref:`Creating a VPC Peering Connection with a VPC in Another Account ` | -| | - :ref:`Viewing Routes Configured for a VPC Peering Connection ` | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-05-29 | Added the following content: | -| | | -| | - Added a note in :ref:`Deleting a VPC Flow Log `. | -| | - Added a note about changing the NTP server address in :ref:`Modifying a Subnet `. | -| | | -| | Modified the following content: | -| | | -| | - Modified description about **NTP Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-05-24 | Modified the following content: | -| | | -| | - Deleted description about DHCP in :ref:`What Is Virtual Private Cloud? `. | -| | - Modified description about **NTP Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | -| | - Optimized :ref:`Elastic IP `. | -| | - Updated the description and screenshot in :ref:`Creating a VPC Peering Connection with Another VPC in Your Account ` and :ref:`Creating a VPC Peering Connection with a VPC in Another Account ` based on the latest management console page. | -| | - Updated sections :ref:`VPC Flow Log Overview ` and :ref:`Creating a VPC Flow Log `. | -| | | -| | Added the following content: | -| | | -| | - Added description about **Advanced Settings** and updated screenshots in :ref:`Creating a VPC ` and :ref:`Creating a Subnet for the VPC `. | -| | - Added "Obtaining the Peer VPC ID" in :ref:`Creating a VPC Peering Connection with a VPC in Another Account `. | -| | - Added two precautions in :ref:`Virtual IP Address Overview `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-04-28 | Modified the following content: | -| | | -| | - Modified the incorrect word spelling in :ref:`Viewing a VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-04-25 | Added the following content: | -| | | -| | - Added a note in :ref:`Creating a VPC Flow Log `. | -| | - Added the description about no VPC flow log records in :ref:`Viewing a VPC Flow Log `. | -| | - Added :ref:`Security Group Configuration Examples `. The security group configuration examples are integrated into one section and the original independent sections are deleted. | -| | | -| | Modified the following content: | -| | | -| | - Modified description information about **Enterprise Project**. | -| | - Optimized :ref:`Service Overview ` and added the product advantage description to :ref:`What Is Virtual Private Cloud? ` | -| | - Modified the description about how to switch to the **EIPs** page in :ref:`Elastic IP `. | -| | - Modified the description about how to switch to the **Shared Bandwidths** page in :ref:`Shared Bandwidth `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted "What Is a Security Group?", "Which Protocols Does a Security Group Support?", "What Are the Functions of the Default Security Group Rule?", and "How Can I Configure Security Group Rules?" in :ref:`FAQ `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-04-17 | Accepted in OTC-4.0/Agile-04.2019. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-04-12 | Modified the following content: | -| | | -| | - Modified the description for **DNS Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | -| | | -| | Added the following content: | -| | | -| | - Added the note about **Resource** in :ref:`Creating a VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-04-10 | Modified the following content: | -| | | -| | - Added the description about **log-status** in :ref:`Viewing a VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-03-30 | Added the following content: | -| | | -| | - Added the **Enterprise Project** parameter in :ref:`Creating a VPC `, :ref:`Creating a Security Group `, and :ref:`Assigning an EIP and Binding It to an ECS `. | -| | - Added :ref:`Shared Bandwidth `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted the concepts of VPN, IPsec VPN, remote gateway, remote subnet, region, and project in :ref:`Basic Concepts `. | -| | - Deleted the FAQs related to VPN in :ref:`FAQ `. | -| | - Deleted the content related to "Configuring a VPC for ECSs That Access the Internet Through a VPN" in :ref:`Getting Started `. | -| | | -| | Modified the following content: | -| | | -| | - Updated console screenshots. | -| | - Optimized the description in section "Security Group Configuration Examples". | -| | - Added the support for S2 ECSs in :ref:`VPC Flow Log Overview `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-03-18 | Modified the following content: | -| | | -| | - Modified the example description in :ref:`Viewing a VPC Flow Log `. | -| | - Modified steps in :ref:`Creating a VPC Flow Log `. | -| | | -| | Added the following content: | -| | | -| | - Added use restrictions in :ref:`VPC Flow Log Overview `. | -| | - Updated the console screenshots in :ref:`Deleting a VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-03-01 | Added the following content: | -| | | -| | - Added :ref:`Document Usage Instructions `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-27 | Added the following content: | -| | | -| | - Added screenshots and examples in :ref:`Viewing a VPC Flow Log `. | -| | | -| | Modified the following content: | -| | | -| | - Modified description about the scenario in :ref:`Deleting a VPC Flow Log `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-25 | Added the following content: | -| | | -| | - Added :ref:`VPC Flow Log `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted the concepts of VPN, IPsec VPN, remote gateway, remote subnet, region, and project in :ref:`Basic Concepts `. | -| | - Deleted the FAQs related to VPN in :ref:`FAQ `. | -| | | -| | - Deleted the content related to "Configuring a VPC for ECSs That Access the Internet Through a VPN" in :ref:`Getting Started `. | -| | | -| | Modified the following content: | -| | | -| | - Optimized :ref:`Service Overview ` and added the product advantage description to :ref:`What Is Virtual Private Cloud? ` | -| | - Added :ref:`Security Group Configuration Examples `. The security group configuration examples are integrated into one section and the original independent sections are deleted. | -| | - Modified the description about how to switch to the **EIPs** page in :ref:`Elastic IP `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-23 | Added the following content: | -| | | -| | - Added the description about batch subnet creation in :ref:`VPC and Subnet `. | -| | - Added precautions about disabling a firewall in :ref:`Enabling or Disabling a Firewall `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-22 | Added the following content: | -| | | -| | Added the **Assign EIP** screenshot in :ref:`Assigning an EIP and Binding It to an ECS `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-15 | Added the following content: | -| | | -| | - Added the Anti-DDoS service restriction in :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? ` | -| | | -| | Added :ref:`Modifying a Security Group `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-02-11 | Deleted the following content: | -| | | -| | - Deleted the console screenshot from :ref:`Assigning an EIP and Binding It to an ECS `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-01-31 | Accepted in OTC-4.0. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2019-01-30 | Modified the following content: | -| | | -| | - Modified the table listing the parameters for creating a VPC in :ref:`VPC and Subnet `. | -| | - Modified the table listing the parameters for modifying a security group rule in :ref:`Adding a Security Group Rule `. | -| | - Added the link to the default security group rule introduction in :ref:`Adding a Security Group Rule `. | -| | - Modified the format of the exported file to Excel in :ref:`Exporting VPC List ` and :ref:`Importing and Exporting Security Group Rules `. | -| | - Changed the number of characters allowed for the **Description** field to **255** in :ref:`Creating a Firewall `. | -| | - Modified steps in :ref:`Managing EIP Tags `. | -| | - Added the **Monitoring Period** column to the table listing metrics in :ref:`Supported Metrics `. | -| | - Changed the maximum bandwidth size allowed to 1000 Mbit/s in :ref:`What Is the Bandwidth Size Range? ` | -| | - Modified the table listing subnet parameters in :ref:`Modifying a Subnet `. | -| | - Updated the security group description in :ref:`Security Group `. | -| | - Updated the VPC peering connection description in :ref:`VPC Peering Connection `. | -| | - Updated firewall description in :ref:`Firewall `. | -| | - Updated console screenshots in :ref:`Adding a Firewall Rule `. | -| | - Updated console screenshots in :ref:`Modifying a Firewall Rule `. | -| | | -| | Added the following content: | -| | | -| | - Added :ref:`Security Group Configuration Examples `. | -| | - Added :ref:`Modifying an EIP Bandwidth `. | -| | - Added description about disassociating and releasing multiple EIPs at a time in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | -| | | -| | Deleted the following content: | -| | | -| | - Deleted description about the **Reject** action from :ref:`Adding a Firewall Rule `. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-12-30 | Modified the following content: | -| | | -| | - Modified description about how to switch to the security group and firewall pages based on the changes made on the management console. | -| | | -| | Added the following content: | -| | | -| | - Added section **Firewall** **Overview**. | -| | - Added section **Firewall** **Configuration Examples**. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-11-30 | Added the following content: | -| | | -| | - Added parameter **NTP Server Address** to the description about how to create a subnet. | -| | | -| | Modified the following content: | -| | | -| | - Updated the document based on changes made to the firewall console pages. | -| | | -| | - Added description about how to delete multiple firewall rules at a time and how to disassociate multiple subnets from a firewall at a time. | -| | - Changed parameter **Any** to **All**. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-09-18 | Accepted in OTC-3.2/AGile-09.2018. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-09-06 | Modified the following content: | -| | | -| | - Modified the content and changed some screenshots in the document based on the latest management console. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-08-30 | This release incorporates the following change: | -| | | -| | - Added section "Adding Instances to and Removing Them from a Security Group". | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-07-30 | This release incorporates the following changes: | -| | | -| | - Modified sections related to security groups: | -| | | -| | - Added section "Replicating a Security Group Rule". | -| | - Added section "Modifying a Security Group Rule". | -| | - Modified section "Deleting a Security Group Rule" and added description about how to delete multiple security group rules at a time. | -| | - Added section "Importing and Exporting Security Group Rules". | -| | | -| | - Modified the VPN sections: | -| | | -| | - Modified the step for switching to the VPN console. | -| | - Deleted sections related to VPNs. An independent VPN user guide will be provided. | -| | - Deleted section "VPN Best Practice". | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-06-30 | This release incorporates the following changes: | -| | | -| | - Optimized sections under "Service Overview." | -| | - Optimized sections under "Security Group". | -| | | -| | - Optimized section "Security Group Overview". | -| | | -| | - Optimized section "Default Security Groups and Security Group Rules". | -| | - Optimized section "Creating a Security Group". | -| | - Optimized section "Adding a Security Group Rule". | -| | - Optimized section "Fast-Adding Security Group Rules". | -| | - Added security group configuration examples. | -| | - Added section "Viewing the Security Group of an ECS". | -| | - Added section "Changing the Security Group of an ECS". | -| | | -| | - Categorized FAQs. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-06-11 | This release incorporates the following changes: | -| | | -| | - Added section "Monitoring". | -| | - Modified tag description. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-05-23 | Accepted in OTC 3.1. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-04-28 | This release incorporates the following changes: | -| | | -| | - Added description about VPN tagging. | -| | - Added the IPv6 address description. | -| | - Added section "Exporting VPC Information". | -| | - Modified the bandwidth range. | -| | - Modified the VPN modification screenshots. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-03-30 | This release incorporates the following changes: | -| | | -| | Deleted the IPv6 address description. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-02-28 | This release incorporates the following changes: | -| | | -| | Added the description that the security group description can contain a maximum of 128 characters. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2018-01-30 | This release incorporates the following changes: | -| | | -| | - Added description about the function of unbinding and releasing EIPs in batches. | -| | - Added description about the function that the negotiation mode of the IKE policy in the VPN can be configured. | -| | - Added the description that the security group description can contain a maximum of 64 characters. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-11-30 | This release incorporates the following changes: | -| | | -| | - Updated screenshots and steps based on the latest management console. | -| | - Added description to indicate that subnets can be created without specifying the AZ. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-10-30 | This release incorporates the following changes: | -| | | -| | - Added description about the fast security group rule adding function. | -| | - Added ECS security group configuration examples. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-09-30 | This release incorporates the following changes: | -| | | -| | - Added description to indicate that the peer project ID needs to be configured when a tenant creates a VPC peering connection with the VPC of another tenant. | -| | - Modified description in sections "Adding a Security Group Rule" and "Deleting a Security Group Rule" based on changes made to the network console. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-08-30 | This release incorporates the following changes: | -| | | -| | - Added section "Managing Subnet Tags". | -| | - Added description about the VPC, subnet, and EIP tags. | -| | - Added section "Security Group Overview". | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-07-30 | This release incorporates the following changes: | -| | | -| | - Added description about how to enable shared SNAT on the management console. | -| | - Added section "Managing VPC Tags". | -| | - Added section "Managing EIP Tags". | -| | - Changed the number of routes allowed in a route table by default to **100**. | -| | - Updated procedures in sections "VPC and Subnet" and "Custom Route" based on changes made to the network console. | -| | - Added description about the multi-project feature. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-06-30 | This release incorporates the following change: | -| | | -| | - Added description about the virtual IP address feature. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-05-30 | This release incorporates the following change: | -| | | -| | - Added FAQ **How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?** | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-04-28 | This release incorporates the following change: | -| | | -| | - Added description about how to add DNS server addresses during subnet information modification. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-03-30 | This release incorporates the following change: | -| | | -| | - Added description about the firewall function. | -| | - Added description about the shared SNAT function. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-02-28 | This release incorporates the following change: | -| | | -| | - Deleted description about the button for disabling the DHCP function. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-02-24 | This release incorporates the following change: | -| | | -| | - Added description about the VPC peering function. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2017-01-12 | This release incorporates the following change: | -| | | -| | - Added description about the custom route table function. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2016-10-19 | This release incorporates the following change: | -| | | -| | - Updated the Help Center URL of the VPN service. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2016-07-15 | This release incorporates the following changes: | -| | | -| | - Modified the VPN authentication algorithm. | -| | - Optimized the traffic metering function. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ -| 2016-03-14 | This issue is the first official release. | -+-----------------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| Released On | Description | ++===================================+==================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================================+ +| 2024-05-06 | This release incorporates the following changes: | +| | | +| | Removed step links in :ref:`Configuring a VPC for ECSs That Do Not Require Internet Access ` and :ref:`Configuring a VPC for ECSs That Access the Internet Using EIPs `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-04-25 | This release incorporates the following changes: | +| | | +| | - Modified the procedure for deleting routes for a VPC peering connection between VPCs in different accounts in :ref:`Deleting Routes Configured for a VPC Peering Connection `. | +| | - Modified the figure for creating a route table in :ref:`Creating a Custom Route Table `. | +| | - Modified the figure for adding a custom route in :ref:`Adding a Custom Route `. | +| | - Added descriptions about **Destination Type** in :ref:`Adding a Custom Route ` and :ref:`Modifying a Route `. | +| | - Added descriptions about security group templates in the table "Security group configuration process description" in :ref:`Security Groups and Security Group Rules `. | +| | - Modified descriptions about the security groups in the parameter descriptions in :ref:`Adding a Security Group Rule ` and :ref:`Importing and Exporting Security Group Rules `. | +| | - Added step links in :ref:`Configuring a VPC for ECSs That Do Not Require Internet Access ` and :ref:`Configuring a VPC for ECSs That Access the Internet Using EIPs `. | +| | - Added figures for creating and viewing resources. | +| | - Deleted the content related to the IP address groups. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-04-22 | This release incorporates the following changes: | +| | | +| | - Added description about security group templates and related operations in :ref:`Creating a Security Group `. | +| | - Modified the description of adding routes for the VPC peering connection in :ref:`Creating a VPC Peering Connection with Another VPC in Your Account `, :ref:`Creating a VPC Peering Connection with a VPC in Another Account `, :ref:`Modifying Routes Configured for a VPC Peering Connection `, :ref:`Viewing Routes Configured for a VPC Peering Connection `, and :ref:`Deleting Routes Configured for a VPC Peering Connection `. | +| | - Added constraints on importing security group rules in :ref:`Importing and Exporting Security Group Rules `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-04-18 | This release incorporates the following changes: | +| | | +| | Modified the maximum number of custom routes that can be added to a route table in :ref:`How Many Routes Can I Add to a Route Table? `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-04-16 | This release incorporates the following changes: | +| | | +| | - Modified the procedure for changing the CIDR block of a VPC in :ref:`Modifying a VPC `. | +| | - Updated the Table 1 application scenarios of IPv4/IPv6 dual stack in :ref:`IPv4 and IPv6 Dual-Stack Network `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-03-27 | This release incorporates the following changes: | +| | | +| | - Changed **VPCReadOnlyAccess** and **VPCFullAccess** into **VPC ReadOnlyAccess** and **VPC FullAccess**. | +| | - Modified the subnet description in :ref:`Subnet `. | +| | - Deleted parameter **Fast-add rule** in :ref:`Creating a Security Group `. | +| | - Added the description indicating that if the secondary IPv4 CIDR block function is available in a region, the CIDR block of a VPC in this region cannot be modified through the console in :ref:`Modifying a VPC ` and :ref:`Adding a Secondary IPv4 CIDR Block to a VPC `. | +| | - Added the procedure for exporting the list of shared bandwidths in :ref:`Exporting Shared Bandwidths `. | +| | - Modified the operation procedure and figures in :ref:`Adding EIPs to a Shared Bandwidth ` and :ref:`Removing EIPs from a Shared Bandwidth `. | +| | - Modified the procedure for exporting the resource list in :ref:`Exporting VPC List `, :ref:`Exporting Subnet List `, :ref:`Importing and Exporting Security Group Rules `, :ref:`Exporting EIP Information `, and :ref:`Exporting Route Table Information `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-02-29 | This release incorporates the following changes: | +| | | +| | - Deleted parameter **Destination Address** in :ref:`Creating a Custom Route Table `, :ref:`Adding a Custom Route `, and :ref:`Modifying a Route `. | +| | - Deleted the descriptions about IP address groups in :ref:`Adding a Firewall Rule ` and :ref:`Modifying a Firewall Rule `. | +| | - Modified the subnet description in :ref:`Subnet `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-02-18 | This release incorporates the following changes: | +| | | +| | Added :ref:`What Are the Differences Between 5_bgp, 5_mailbgp, and 5_gray EIPs? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-02-02 | This release incorporates the following changes: | +| | | +| | Modified figures in :ref:`Creating a Custom Route Table ` and :ref:`Adding a Custom Route `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-01-16 | This release incorporates the following changes: | +| | | +| | Modified the figure for creating a subnet in :ref:`Creating a Subnet for the VPC `, :ref:`Step 2: Create a Subnet for the VPC `, and :ref:`Step 2: Create a Subnet for the VPC `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2024-01-02 | This release incorporates the following changes: | +| | | +| | Modified the parameter descriptions in sections :ref:`Adding a Security Group Rule ` and :ref:`Adding a Firewall Rule `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-12-19 | This release incorporates the following changes: | +| | | +| | - Added screenshots in :ref:`How Do I Configure a Security Group for Multi-Channel Protocols? ` | +| | - Modified the table in :ref:`Why Can't I Delete My VPCs and Subnets? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-12-18 | This release incorporates the following changes: | +| | | +| | Added IPv6-related content. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-12-12 | This release incorporates the following changes: | +| | | +| | Added descriptions about security group and IP address group as source or destination in :ref:`Adding a Security Group Rule `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-11-30 | This release incorporates the following changes: | +| | | +| | Added descriptions about IP address groups as source and destination in :ref:`Adding a Firewall Rule `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-11-14 | This release incorporates the following changes: | +| | | +| | Added the following content: | +| | | +| | Added description about allowing common ports with a few clicks in :ref:`Allowing Common Ports with A Few Clicks `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-10-10 | This release incorporates the following changes: | +| | | +| | - Added the figure for configuring route tables in :ref:`Route Table `. | +| | - Modified :ref:`Step 4: Add a Security Group Rule `. | +| | | +| | - Changed the location of parameter **Type**. | +| | - Added protocol **GRE**. | +| | | +| | - Modified :ref:`Step 5: Add a Security Group Rule ` and :ref:`Adding a Security Group Rule `. | +| | | +| | - Added description that each ECS must be associated with at least one security group. | +| | - Modified description about port. | +| | - Changed the location of parameter **Type**. | +| | - Added protocol **GRE**. | +| | | +| | - Added the function of adding multiple tags for search in :ref:`Managing VPC Tags `. | +| | - Added figures and modified steps in :ref:`Viewing and Deleting Resources in a Subnet `. | +| | - Modified :ref:`Security Groups and Security Group Rules `. | +| | | +| | - Added protocol **GRE** and deleted content about **Action**. | +| | - Modified description about security group sg-AB. | +| | - Added description about security group configuration. | +| | - Added support for IPv6. | +| | | +| | - Changed the section name in :ref:`Default Security Group and Its Rules `. | +| | - Optimized description in :ref:`Creating a Security Group `. | +| | - Modified the figure and added parameter **Type** in :ref:`Fast-Adding Security Group Rules `. | +| | - Modified notes and constraints in :ref:`Importing and Exporting Security Group Rules `. | +| | - Added description about the maximum number of security groups that can be created in :ref:`Creating a Firewall `. | +| | - Modified figures and parameter settings in :ref:`Adding a Firewall Rule `. | +| | - Added the route table quota in notes and constraints in :ref:`Creating a Custom Route Table `. | +| | - Added constraints on the maximum number of routes that can be added to a route table in :ref:`Adding a Custom Route `. | +| | - Modified :ref:`Creating a VPC Peering Connection with Another VPC in Your Account `. | +| | | +| | - Added description that you need to add routes to the route tables of the local and peer VPCs after creating a VPC peering connection. | +| | - Added parameter **Description** for creating a VPC peering connection. | +| | | +| | - Added parameter **Description** for creating a VPC peering connection in :ref:`Creating a VPC Peering Connection with a VPC in Another Account `. | +| | | +| | - Added description about the maximum number of flow log records that can be recorded in :ref:`VPC Flow Log Overview `. | +| | - Modified the section name and scenarios in :ref:`Disabling Source and Destination Check (HA Load Balancing Cluster Scenario) `. | +| | - Modified the verification procedure in :ref:`Creating a User and Granting VPC Permissions `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-09-08 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | - Optimized description in :ref:`Step 4: Add a Security Group Rule `. | +| | - Optimized the procedure for verifying IAM permissions in :ref:`Creating a User and Granting VPC Permissions `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-07-18 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Added description about enabling shared SNAT using an API in :ref:`Shared SNAT `. | +| | | +| | Security group | +| | | +| | Firewall | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-06-12 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Added description about viewing monitoring metrics in :ref:`Viewing Metrics `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-05-26 | This release incorporates the following changes: | +| | | +| | Added the following content: | +| | | +| | Added information about cloning a security group in :ref:`Cloning a Security Group `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-05-17 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Modified the procedure for viewing monitoring metrics in :ref:`Viewing Metrics `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-04-28 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Modified the links of sections "Binding an EIP" and "Unbinding an EIP" in :ref:`Assigning an EIP and Binding It to an ECS ` and :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-04-20 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | - Added description that BMS user-defined network is available only in eu-de. | +| | - Added the step for viewing NIC details to :ref:`Disabling Source and Destination Check (HA Load Balancing Cluster Scenario) `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-02-15 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Modified links in :ref:`What Is Virtual Private Cloud? ` and :ref:`Can I Bind an EIP to Multiple ECSs? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2023-01-10 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Modified steps in :ref:`Subnet ` and :ref:`Elastic IP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-12-12 | This release incorporates the following changes: | +| | | +| | Updated the following content: | +| | | +| | Added description that EIPs of the Dedicated Load Balancer (5_gray) type cannot be created in :ref:`Step 3: Assign an EIP and Bind It to an ECS `, :ref:`Assigning an EIP and Binding It to an ECS `, and :ref:`Can I Bind an EIP to Multiple ECSs? `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-11-15 | This release incorporates the following changes: | +| | | +| | Added support for binding and unbinding EIPs of the Dedicated Load Balancer (5_gray) type using APIs in :ref:`Step 3: Assign an EIP and Bind It to an ECS `, :ref:`Assigning an EIP and Binding It to an ECS `, and :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-10-20 | Modified the following content: | +| | | +| | Modified the bandwidth range in :ref:`What Is the Bandwidth Size Range? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-09-07 | Added the following content: | +| | | +| | - Added description about binding EIPs of the dedicated load balancer **(5_gray)** type to load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added description about binding EIPs of the dedicated load balancer **(5_gray)** type to load balancers in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-06-25 | Added the following content: | +| | | +| | - Modified constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Modified constraints on EIP binding to load balancers in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2022-02-15 | Added the following content: | +| | | +| | - Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added description about the default reverse domain name of an EIP in \ :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS ` and :ref:`Adding EIPs to a Shared Bandwidth `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-08-25 | Modified the following content: | +| | | +| | Deleted content about IP address groups. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-06-18 | Modified the following content: | +| | | +| | Updated screenshots and deleted the **Bandwidth Type** parameter in :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-05-10 | Added the following content: | +| | | +| | Added constraints on EIPs dedicated for dedicated load balancers in :ref:`Assigning an EIP and Binding It to an ECS `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-05-08 | Added the following content: | +| | | +| | - Added description about the default reverse domain name of an EIP in :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added description about modifying a dedicated bandwidth or shared bandwidth in :ref:`Modifying an EIP Bandwidth `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2021-03-16 | Added the following FAQ: | +| | | +| | - :ref:`What Bandwidth Types Are Available? ` | +| | - :ref:`What Are the Differences Between a Dedicated Bandwidth and a Shared Bandwidth? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-12-16 | This release incorporates the following changes: | +| | | +| | - Deleted the restriction on the number of ECS NICs for SNAT in :ref:`Are There Any Restrictions on Using a Route Table? ` | +| | - Added the procedure for binding a virtual IP address to an ECS in :ref:`Binding a Virtual IP Address to an EIP or ECS `. | +| | - Added description about enabling ports 465 and 587 for Mail BGP EIPs in :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Modified or added content in **Notes and Constraints**. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-07-28 | Modified the following content: | +| | | +| | Changed the maximum number of tags that can be added to 20 in :ref:`Managing VPC Tags ` and :ref:`Managing Subnet Tags `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-05-30 | Added the following content: | +| | | +| | Added basic information to :ref:`Security Groups and Security Group Rules ` and :ref:`Firewall Overview `. | +| | | +| | Modified the following content: | +| | | +| | - Added rules in :ref:`Firewall Configuration Examples `. | +| | - Modified :ref:`Does a Modified Security Group Rule or a Firewall Rule Take Effect Immediately for Existing Connections? ` | +| | - Modified :ref:`Why Can't I Delete My VPCs and Subnets? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-02-25 | Added the following content: | +| | | +| | - Added :ref:`Shared Bandwidth `. | +| | | +| | Modified the following content: | +| | | +| | - Modified steps in :ref:`Elastic IP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-02-12 | Added the following content: | +| | | +| | Added description that VPC flow logs support S2 ECSs in :ref:`VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-01-08 | Added the following content: | +| | | +| | - Added function and namespace description and optimized information in tables in :ref:`Supported Metrics `. | +| | - Added :ref:`Region and AZ `. | +| | - Added the example of allowing external access to a specified port in :ref:`Security Group Configuration Examples `. | +| | | +| | Modified the following content: | +| | | +| | - Added **Subnet** and **VPC** as the type of resources whose traffic is to be logged in :ref:`VPC Flow Log `. | +| | | +| | - Updated screenshots in :ref:`Adding a Security Group Rule ` and :ref:`Fast-Adding Security Group Rules `. | +| | - Optimized figure examples in this document. | +| | - Optimized descriptions in :ref:`Firewall Configuration Examples `. | +| | - Optimized descriptions in :ref:`Firewall Overview `. | +| | - Changed the position of :ref:`Access Control `. | +| | - Optimized :ref:`What Is a Quota? ` | +| | | +| | Deleted the following content: | +| | | +| | - Deleted section "Deleting a VPN". | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2020-03-06 | Modified the following content: | +| | | +| | - Modified the steps in :ref:`Assigning an EIP and Binding It to an ECS `, :ref:`Elastic IP `, and :ref:`Shared Bandwidth `. | +| | - Updated screenshots in :ref:`Modifying a Shared Bandwidth `. | +| | - Updated screenshots and parameter description in :ref:`Creating a Subnet for the VPC `. | +| | - Modified steps in :ref:`Assigning a Virtual IP Address `, :ref:`Binding a Virtual IP Address to an EIP or ECS `, and :ref:`Releasing a Virtual IP Address `. | +| | - Updated screenshots in :ref:`VPC Peering Connection `. | +| | - Modified description in :ref:`How Many Routes Can I Add to a Route Table? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-12-13 | Added the following content: | +| | | +| | - Added restrictions on ports and port ranges in :ref:`Security Groups and Security Group Rules `. | +| | - Added description about IP address groups in :ref:`Importing and Exporting Security Group Rules `. | +| | - Added impacts caused by IP address group modification or deletion in "Managing an IP Address Group". | +| | | +| | Modified the following content: | +| | | +| | - Modified description and value examples of the port and source in :ref:`Step 4: Add a Security Group Rule ` and :ref:`Adding a Security Group Rule `. | +| | - Optimized note description in :ref:`Importing and Exporting Security Group Rules `. | +| | - Changed firewall to firewalls in :ref:`Creating a Firewall `. | +| | - Optimized description about the scenario in :ref:`Changing the Sequence of a Firewall Rule `. | +| | - Optimized description about the scenario in :ref:`Creating an Alarm Rule `. | +| | - Updated screenshots in :ref:`Adding a Security Group Rule ` and :ref:`Fast-Adding Security Group Rules `. | +| | - Optimized figure examples in this document. | +| | - Optimized descriptions in :ref:`Firewall Configuration Examples `. | +| | - Optimized descriptions in :ref:`Firewall Overview `. | +| | - Changed the position of :ref:`Access Control `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted section "Deleting a VPN". | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-11-29 | Added the following content: | +| | | +| | - Added section "IP Address Group". | +| | - Added port format and IP address group when configuring security group rules in :ref:`Adding a Security Group Rule `. | +| | - Added function and namespace description and optimized information in tables in :ref:`Supported Metrics `. | +| | - Added :ref:`Region and AZ `. | +| | | +| | Modified the following content: | +| | | +| | Optimized :ref:`What Is a Quota? ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-11-05 | Modified the following content: | +| | | +| | Added **Subnet** and **VPC** as the type of resources whose traffic is to be logged in :ref:`VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-08-30 | Added the following content: | +| | | +| | - Added the example of allowing external access to a specified port in :ref:`Security Group Configuration Examples `. | +| | - Added description that EIP type cannot be changed in :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-08-23 | Modified the following content: | +| | | +| | Optimized description about **NTP Server Address** in :ref:`Modifying a Subnet `. | +| | | +| | Added the following content: | +| | | +| | Added descriptions about route types in :ref:`Route Table `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-08-16 | Added the following content: | +| | | +| | Added :ref:`Exporting Route Table Information `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-08-09 | Added the following content: | +| | | +| | - Added parameters **Type** and **Bandwidth Type** to :ref:`Step 3: Assign an EIP and Bind It to an ECS ` and :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added description about how to replicate multiple routes in :ref:`Replicating a Route `. | +| | - Added the description about **Next Hop Type** in :ref:`Adding a Custom Route `. | +| | | +| | Modified the following content: | +| | | +| | - Modified description about **NTP Server Address** in :ref:`Modifying a Subnet `. | +| | - Modified description about replication in the "Default Route Table and Custom Route Table" part in :ref:`Route Tables and Routes `. | +| | - Modified descriptions about system routes and custom routes in :ref:`Route Tables and Routes `. | +| | - Modified description about usage restrictions in :ref:`Route Tables and Routes `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted parameter **Enterprise Project** from the document. | +| | - Deleted the Cloud Connect service from the "Default Route Table and Custom Route Table" part in :ref:`Route Tables and Routes `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-08-02 | Added the following content based on the RM-584 requirements: | +| | | +| | - Added subnet parameter description in :ref:`Modifying a Subnet `. | +| | | +| | Modified the following content based on the RM-584 requirements: | +| | | +| | - Added prerequisites in :ref:`Releasing a Virtual IP Address `. | +| | - Optimized description about scenarios and prerequisites in :ref:`Deleting a Subnet `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-07-22 | Added the following content: | +| | | +| | Added :ref:`Enabling or Disabling VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-06-04 | Optimized the description in the following sections: | +| | | +| | - :ref:`What Is an EIP? ` | +| | - :ref:`Step 2: Create a Subnet for the VPC ` | +| | - :ref:`Creating a Subnet for the VPC ` | +| | - :ref:`Route Table ` | +| | - :ref:`Virtual IP Address ` | +| | - :ref:`Virtual IP Address Overview ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-05-31 | Modified the following sections related to subnets and route tables based on the RM-584 requirements: | +| | | +| | - :ref:`Route Table ` | +| | - :ref:`Modifying a VPC ` | +| | - :ref:`Creating a Subnet for the VPC ` | +| | - :ref:`Modifying a Subnet ` | +| | - :ref:`Managing Subnet Tags ` | +| | - :ref:`Creating a VPC Peering Connection with Another VPC in Your Account ` | +| | - :ref:`Creating a VPC Peering Connection with a VPC in Another Account ` | +| | - :ref:`Viewing Routes Configured for a VPC Peering Connection ` | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-05-29 | Added the following content: | +| | | +| | - Added a note in :ref:`Deleting a VPC Flow Log `. | +| | - Added a note about changing the NTP server address in :ref:`Modifying a Subnet `. | +| | | +| | Modified the following content: | +| | | +| | - Modified description about **NTP Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-05-24 | Modified the following content: | +| | | +| | - Deleted description about DHCP in :ref:`What Is Virtual Private Cloud? `. | +| | - Modified description about **NTP Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | +| | - Optimized :ref:`Elastic IP `. | +| | - Updated the description and screenshot in :ref:`Creating a VPC Peering Connection with Another VPC in Your Account ` and :ref:`Creating a VPC Peering Connection with a VPC in Another Account ` based on the latest management console page. | +| | - Updated sections :ref:`VPC Flow Log Overview ` and :ref:`Creating a VPC Flow Log `. | +| | | +| | Added the following content: | +| | | +| | - Added description about **Advanced Settings** and updated screenshots in :ref:`Creating a VPC ` and :ref:`Creating a Subnet for the VPC `. | +| | - Added "Obtaining the Peer VPC ID" in :ref:`Creating a VPC Peering Connection with a VPC in Another Account `. | +| | - Added two precautions in :ref:`Virtual IP Address Overview `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-04-28 | Modified the following content: | +| | | +| | - Modified the incorrect word spelling in :ref:`Viewing a VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-04-25 | Added the following content: | +| | | +| | - Added a note in :ref:`Creating a VPC Flow Log `. | +| | - Added the description about no VPC flow log records in :ref:`Viewing a VPC Flow Log `. | +| | - Added :ref:`Security Group Configuration Examples `. The security group configuration examples are integrated into one section and the original independent sections are deleted. | +| | | +| | Modified the following content: | +| | | +| | - Modified description information about **Enterprise Project**. | +| | - Optimized :ref:`Service Overview ` and added the product advantage description to :ref:`What Is Virtual Private Cloud? ` | +| | - Modified the description about how to switch to the **EIPs** page in :ref:`Elastic IP `. | +| | - Modified the description about how to switch to the **Shared Bandwidths** page in :ref:`Shared Bandwidth `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted "What Is a Security Group?", "Which Protocols Does a Security Group Support?", "What Are the Functions of the Default Security Group Rule?", and "How Can I Configure Security Group Rules?" in :ref:`FAQ `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-04-17 | Accepted in OTC-4.0/Agile-04.2019. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-04-12 | Modified the following content: | +| | | +| | - Modified the description for **DNS Server Address** in :ref:`Creating a VPC `, :ref:`Creating a Subnet for the VPC `, and :ref:`Modifying a Subnet `. | +| | | +| | Added the following content: | +| | | +| | - Added the note about **Resource** in :ref:`Creating a VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-04-10 | Modified the following content: | +| | | +| | - Added the description about **log-status** in :ref:`Viewing a VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-03-30 | Added the following content: | +| | | +| | - Added the **Enterprise Project** parameter in :ref:`Creating a VPC `, :ref:`Creating a Security Group `, and :ref:`Assigning an EIP and Binding It to an ECS `. | +| | - Added :ref:`Shared Bandwidth `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted the concepts of VPN, IPsec VPN, remote gateway, remote subnet, region, and project in :ref:`Basic Concepts `. | +| | - Deleted the FAQs related to VPN in :ref:`FAQ `. | +| | - Deleted the content related to "Configuring a VPC for ECSs That Access the Internet Through a VPN" in :ref:`Getting Started `. | +| | | +| | Modified the following content: | +| | | +| | - Updated console screenshots. | +| | - Optimized the description in section "Security Group Configuration Examples". | +| | - Added the support for S2 ECSs in :ref:`VPC Flow Log Overview `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-03-18 | Modified the following content: | +| | | +| | - Modified the example description in :ref:`Viewing a VPC Flow Log `. | +| | - Modified steps in :ref:`Creating a VPC Flow Log `. | +| | | +| | Added the following content: | +| | | +| | - Added use restrictions in :ref:`VPC Flow Log Overview `. | +| | - Updated the console screenshots in :ref:`Deleting a VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-03-01 | Added the following content: | +| | | +| | - Added :ref:`Document Usage Instructions `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-27 | Added the following content: | +| | | +| | - Added screenshots and examples in :ref:`Viewing a VPC Flow Log `. | +| | | +| | Modified the following content: | +| | | +| | - Modified description about the scenario in :ref:`Deleting a VPC Flow Log `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-25 | Added the following content: | +| | | +| | - Added :ref:`VPC Flow Log `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted the concepts of VPN, IPsec VPN, remote gateway, remote subnet, region, and project in :ref:`Basic Concepts `. | +| | - Deleted the FAQs related to VPN in :ref:`FAQ `. | +| | | +| | - Deleted the content related to "Configuring a VPC for ECSs That Access the Internet Through a VPN" in :ref:`Getting Started `. | +| | | +| | Modified the following content: | +| | | +| | - Optimized :ref:`Service Overview ` and added the product advantage description to :ref:`What Is Virtual Private Cloud? ` | +| | - Added :ref:`Security Group Configuration Examples `. The security group configuration examples are integrated into one section and the original independent sections are deleted. | +| | - Modified the description about how to switch to the **EIPs** page in :ref:`Elastic IP `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-23 | Added the following content: | +| | | +| | - Added the description about batch subnet creation in :ref:`VPC and Subnet `. | +| | - Added precautions about disabling a firewall in :ref:`Enabling or Disabling a Firewall `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-22 | Added the following content: | +| | | +| | Added the **Assign EIP** screenshot in :ref:`Assigning an EIP and Binding It to an ECS `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-15 | Added the following content: | +| | | +| | - Added the Anti-DDoS service restriction in :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? ` | +| | | +| | Added :ref:`Modifying a Security Group `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-02-11 | Deleted the following content: | +| | | +| | - Deleted the console screenshot from :ref:`Assigning an EIP and Binding It to an ECS `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-01-31 | Accepted in OTC-4.0. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2019-01-30 | Modified the following content: | +| | | +| | - Modified the table listing the parameters for creating a VPC in :ref:`VPC and Subnet `. | +| | - Modified the table listing the parameters for modifying a security group rule in :ref:`Adding a Security Group Rule `. | +| | - Added the link to the default security group rule introduction in :ref:`Adding a Security Group Rule `. | +| | - Modified the format of the exported file to Excel in :ref:`Exporting VPC List ` and :ref:`Importing and Exporting Security Group Rules `. | +| | - Changed the number of characters allowed for the **Description** field to **255** in :ref:`Creating a Firewall `. | +| | - Modified steps in :ref:`Managing EIP Tags `. | +| | - Added the **Monitoring Period** column to the table listing metrics in :ref:`Supported Metrics `. | +| | - Changed the maximum bandwidth size allowed to 1000 Mbit/s in :ref:`What Is the Bandwidth Size Range? ` | +| | - Modified the table listing subnet parameters in :ref:`Modifying a Subnet `. | +| | - Updated the security group description in :ref:`Security Group `. | +| | - Updated the VPC peering connection description in :ref:`VPC Peering Connection `. | +| | - Updated firewall description in :ref:`Firewall `. | +| | - Updated console screenshots in :ref:`Adding a Firewall Rule `. | +| | - Updated console screenshots in :ref:`Modifying a Firewall Rule `. | +| | | +| | Added the following content: | +| | | +| | - Added :ref:`Security Group Configuration Examples `. | +| | - Added :ref:`Modifying an EIP Bandwidth `. | +| | - Added description about disassociating and releasing multiple EIPs at a time in :ref:`Unbinding an EIP from an ECS and Releasing the EIP `. | +| | | +| | Deleted the following content: | +| | | +| | - Deleted description about the **Reject** action from :ref:`Adding a Firewall Rule `. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-12-30 | Modified the following content: | +| | | +| | - Modified description about how to switch to the security group and firewall pages based on the changes made on the management console. | +| | | +| | Added the following content: | +| | | +| | - Added section **Firewall** **Overview**. | +| | - Added section **Firewall** **Configuration Examples**. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-11-30 | Added the following content: | +| | | +| | - Added parameter **NTP Server Address** to the description about how to create a subnet. | +| | | +| | Modified the following content: | +| | | +| | - Updated the document based on changes made to the firewall console pages. | +| | | +| | - Added description about how to delete multiple firewall rules at a time and how to disassociate multiple subnets from a firewall at a time. | +| | - Changed parameter **Any** to **All**. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-09-18 | Accepted in OTC-3.2/AGile-09.2018. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-09-06 | Modified the following content: | +| | | +| | - Modified the content and changed some screenshots in the document based on the latest management console. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-08-30 | This release incorporates the following change: | +| | | +| | - Added section "Adding Instances to and Removing Them from a Security Group". | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-07-30 | This release incorporates the following changes: | +| | | +| | - Modified sections related to security groups: | +| | | +| | - Added section "Replicating a Security Group Rule". | +| | - Added section "Modifying a Security Group Rule". | +| | - Modified section "Deleting a Security Group Rule" and added description about how to delete multiple security group rules at a time. | +| | - Added section "Importing and Exporting Security Group Rules". | +| | | +| | - Modified the VPN sections: | +| | | +| | - Modified the step for switching to the VPN console. | +| | - Deleted sections related to VPNs. An independent VPN user guide will be provided. | +| | - Deleted section "VPN Best Practice". | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-06-30 | This release incorporates the following changes: | +| | | +| | - Optimized sections under "Service Overview." | +| | - Optimized sections under "Security Group". | +| | | +| | - Optimized section "Security Group Overview". | +| | | +| | - Optimized section "Default Security Groups and Security Group Rules". | +| | - Optimized section "Creating a Security Group". | +| | - Optimized section "Adding a Security Group Rule". | +| | - Optimized section "Fast-Adding Security Group Rules". | +| | - Added security group configuration examples. | +| | - Added section "Viewing the Security Group of an ECS". | +| | - Added section "Changing the Security Group of an ECS". | +| | | +| | - Categorized FAQs. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-06-11 | This release incorporates the following changes: | +| | | +| | - Added section "Monitoring". | +| | - Modified tag description. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-05-23 | Accepted in OTC 3.1. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-04-28 | This release incorporates the following changes: | +| | | +| | - Added description about VPN tagging. | +| | - Added the IPv6 address description. | +| | - Added section "Exporting VPC Information". | +| | - Modified the bandwidth range. | +| | - Modified the VPN modification screenshots. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-03-30 | This release incorporates the following changes: | +| | | +| | Deleted the IPv6 address description. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-02-28 | This release incorporates the following changes: | +| | | +| | Added the description that the security group description can contain a maximum of 128 characters. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2018-01-30 | This release incorporates the following changes: | +| | | +| | - Added description about the function of unbinding and releasing EIPs in batches. | +| | - Added description about the function that the negotiation mode of the IKE policy in the VPN can be configured. | +| | - Added the description that the security group description can contain a maximum of 64 characters. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-11-30 | This release incorporates the following changes: | +| | | +| | - Updated screenshots and steps based on the latest management console. | +| | - Added description to indicate that subnets can be created without specifying the AZ. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-10-30 | This release incorporates the following changes: | +| | | +| | - Added description about the fast security group rule adding function. | +| | - Added ECS security group configuration examples. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-09-30 | This release incorporates the following changes: | +| | | +| | - Added description to indicate that the peer project ID needs to be configured when a tenant creates a VPC peering connection with the VPC of another tenant. | +| | - Modified description in sections "Adding a Security Group Rule" and "Deleting a Security Group Rule" based on changes made to the network console. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-08-30 | This release incorporates the following changes: | +| | | +| | - Added section "Managing Subnet Tags". | +| | - Added description about the VPC, subnet, and EIP tags. | +| | - Added section "Security Group Overview". | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-07-30 | This release incorporates the following changes: | +| | | +| | - Added description about how to enable shared SNAT on the management console. | +| | - Added section "Managing VPC Tags". | +| | - Added section "Managing EIP Tags". | +| | - Changed the number of routes allowed in a route table by default to **100**. | +| | - Updated procedures in sections "VPC and Subnet" and "Custom Route" based on changes made to the network console. | +| | - Added description about the multi-project feature. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-06-30 | This release incorporates the following change: | +| | | +| | - Added description about the virtual IP address feature. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-05-30 | This release incorporates the following change: | +| | | +| | - Added FAQ **How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC?** | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-04-28 | This release incorporates the following change: | +| | | +| | - Added description about how to add DNS server addresses during subnet information modification. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-03-30 | This release incorporates the following change: | +| | | +| | - Added description about the firewall function. | +| | - Added description about the shared SNAT function. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-02-28 | This release incorporates the following change: | +| | | +| | - Deleted description about the button for disabling the DHCP function. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-02-24 | This release incorporates the following change: | +| | | +| | - Added description about the VPC peering function. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2017-01-12 | This release incorporates the following change: | +| | | +| | - Added description about the custom route table function. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2016-10-19 | This release incorporates the following change: | +| | | +| | - Updated the Help Center URL of the VPN service. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2016-07-15 | This release incorporates the following changes: | +| | | +| | - Modified the VPN authentication algorithm. | +| | - Optimized the traffic metering function. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ +| 2016-03-14 | This issue is the first official release. | ++-----------------------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ diff --git a/umn/source/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst b/umn/source/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst index a5f3f15..0015206 100644 --- a/umn/source/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst +++ b/umn/source/elastic_ip/assigning_an_eip_and_binding_it_to_an_ecs.rst @@ -81,27 +81,27 @@ Assigning an EIP .. table:: **Table 2** EIP tag requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirement | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | Ipv4_key1 | - | | - The key value must be unique for the same EIP. | | - | | - Can contain up to 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain up to 43 characters. | 3005eip | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirement | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | Ipv4_key1 | + | | - The key value must be unique for the same EIP. | | + | | - Can contain up to 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain up to 43 characters. | 3005eip | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ #. Click **Create Now**. @@ -122,7 +122,7 @@ Binding an EIP #. Click **OK**. -An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? ` +An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see `How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? `__ Follow-Up Procedure ------------------- @@ -131,7 +131,7 @@ After an ECS with an EIP bound is created, the system generates a domain name in You can use any of the following commands to obtain the domain name of an EIP: -- ping -a *EIP* +- ping -an *EIP* - nslookup [-qt=ptr] *EIP* - dig -x *EIP* diff --git a/umn/source/elastic_ip/managing_eip_tags.rst b/umn/source/elastic_ip/managing_eip_tags.rst index dfff434..9d2e527 100644 --- a/umn/source/elastic_ip/managing_eip_tags.rst +++ b/umn/source/elastic_ip/managing_eip_tags.rst @@ -16,27 +16,27 @@ A tag consists of a key and value pair. :ref:`Table 1 ` +- :ref:`How Many Routes Can I Add to a Route Table? ` - :ref:`Are There Any Restrictions on Using a Route Table? ` - :ref:`Do the Same Routing Priorities Apply to Direct Connect Connections and Custom Routes in the Same VPC? ` - :ref:`Are There Different Routing Priorities of the VPN and Custom Routes in the Same VPC? ` @@ -14,7 +14,7 @@ Routing :maxdepth: 1 :hidden: - how_many_routes_can_a_route_table_contain + how_many_routes_can_i_add_to_a_route_table are_there_any_restrictions_on_using_a_route_table do_the_same_routing_priorities_apply_to_direct_connect_connections_and_custom_routes_in_the_same_vpc are_there_different_routing_priorities_of_the_vpn_and_custom_routes_in_the_same_vpc diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst index cb54a1b..1d37017 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/index.rst @@ -5,138 +5,6 @@ Configuring a VPC for ECSs That Access the Internet Using EIPs ============================================================== -#. Log in to the management console. - -#. Click |image1| in the upper left corner and select the desired region and project. - -#. Click |image2| in the upper left corner and choose **Network** > **Virtual Private Cloud**. - - The **Virtual Private Cloud** page is displayed. - -#. Click **Create VPC**. - -#. On the **Create VPC** page, set parameters as prompted. - - A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC. - - .. table:: **Table 1** VPC parameter descriptions - - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Category | Parameter | Description | Example Value | - +=====================================+========================+=============================================================================================================================================================================================================================================================+=====================+ - | Basic Information | Region | Select the region nearest to you to ensure the lowest latency possible. | eu-de | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Basic Information | Name | The VPC name. | VPC-001 | - | | | | | - | | | The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Basic Information | IPv4 CIDR Block | The CIDR block of the VPC. The CIDR block of a subnet can be the same as the CIDR block for the VPC (for a single subnet in the VPC) or a subset of the CIDR block for the VPC (for multiple subnets in the VPC). | 192.168.0.0/16 | - | | | | | - | | | The following CIDR blocks are supported: | | - | | | | | - | | | 10.0.0.0/8-24 | | - | | | | | - | | | 172.16.0.0/12-24 | | - | | | | | - | | | 192.168.0.0/16-24 | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Basic Information | Enterprise Project | The enterprise project to which the VPC belongs. | default | - | | | | | - | | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Basic Information/Advanced Settings | Tag | The VPC tag, which consists of a key and value pair. You can add a maximum of 20 tags to each VPC. | - Key: vpc_key1 | - | | | | - Value: vpc-01 | - | | | The tag key and value must meet the requirements listed in :ref:`Table 2 `. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Basic Information/Advanced Settings | Description | Supplementary information about the VPC. This parameter is optional. | N/A | - | | | | | - | | | The VPC description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet | Name | The subnet name. | Subnet | - | | | | | - | | | The name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet | IPv4 CIDR Block | The CIDR block for the subnet. This value must be within the VPC CIDR block. | 192.168.0.0/24 | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet | IPv6 CIDR Block | Specifies whether to set **IPv6 CIDR Block** to **Enable**. | ``-`` | - | | | | | - | | | After the IPv6 function is enabled, the system automatically assigns an IPv6 CIDR block to the created subnet. Currently, the IPv6 CIDR block cannot be customized. IPv6 cannot be disabled after the subnet is created. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet | Associated Route Table | The default route table to which the subnet will be associated. You can change the route table to a custom route table on the **Subnets** page. | Default | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet/Advanced Settings | Gateway | The gateway address of the subnet. | 192.168.0.1 | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet/Advanced Settings | DNS Server Address | By default, two DNS server addresses are configured. You can change them as required. A maximum of five DNS server addresses can be configured. Multiple IP addresses must be separated using commas (,). | 100.125.x.x | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet/Advanced Settings | NTP Server Address | The IP address of the NTP server. This parameter is optional. | 192.168.2.1 | - | | | | | - | | | You can configure the NTP server IP addresses to be added to the subnet as required. The IP addresses are added in addition to the default NTP server addresses. If you do not specify this parameter, no additional NTP server IP addresses will be added. | | - | | | | | - | | | A maximum of four IP addresses can be configured. Multiple IP addresses must be separated using commas (,). | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet/Advanced Settings | Tag | The subnet tag, which consists of a key and value pair. You can add a maximum of 20 tags to each subnet. | - Key: subnet_key1 | - | | | | - Value: subnet-01 | - | | | The tag key and value must meet the requirements listed in :ref:`Table 3 `. | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - | Default Subnet/Advanced Settings | Description | Supplementary information about the subnet. This parameter is optional. | N/A | - | | | | | - | | | The subnet description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ - - .. _en-us_topic_0017816228__en-us_topic_0118498861_table248245914136: - - .. table:: **Table 2** VPC tag key and value requirements - - +-----------------------+------------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+========================================================================+=======================+ - | Key | - Cannot be left blank. | vpc_key1 | - | | - Must be unique for each VPC and can be the same for different VPCs. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+------------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | vpc-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+------------------------------------------------------------------------+-----------------------+ - - .. _en-us_topic_0017816228__en-us_topic_0118498861_table6536185812515: - - .. table:: **Table 3** Subnet tag key and value requirements - - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - -#. Click **Create Now**. - - :ref:`Overview ` - :ref:`Step 1: Create a VPC ` - :ref:`Step 2: Create a Subnet for the VPC ` @@ -144,9 +12,6 @@ Configuring a VPC for ECSs That Access the Internet Using EIPs - :ref:`Step 4: Create a Security Group ` - :ref:`Step 5: Add a Security Group Rule ` -.. |image1| image:: /_static/images/en-us_image_0000001818982734.png -.. |image2| image:: /_static/images/en-us_image_0000001865663089.png - .. toctree:: :maxdepth: 1 :hidden: diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_1_create_a_vpc.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_1_create_a_vpc.rst index e142bcd..2bedc57 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_1_create_a_vpc.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_1_create_a_vpc.rst @@ -29,6 +29,12 @@ Procedure A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC. + + .. figure:: /_static/images/en-us_image_0000001865837676.png + :alt: **Figure 1** Create a VPC and subnet + + **Figure 1** Create a VPC and subnet + .. table:: **Table 1** VPC parameter descriptions +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ @@ -108,7 +114,7 @@ Procedure | | - Uppercase letters | | | | - Lowercase letters | | | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | +-----------------------+------------------------------------------------------------------------+-----------------------+ | Value | - Can contain a maximum of 43 characters. | vpc-01 | | | - Can contain only the following character types: | | @@ -116,34 +122,34 @@ Procedure | | - Uppercase letters | | | | - Lowercase letters | | | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | +-----------------------+------------------------------------------------------------------------+-----------------------+ .. _vpc_qs_0009__en-us_topic_0013935842_table6536185812515: .. table:: **Table 3** Subnet tag key and value requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirements | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | subnet_key1 | + | | - Must be unique for each subnet. | | + | | - Can contain a maximum of 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain a maximum of 43 characters. | subnet-01 | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ #. Click **Create Now**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst index c107e74..43755ff 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_2_create_a_subnet_for_the_vpc.rst @@ -81,27 +81,27 @@ Procedure .. table:: **Table 2** Subnet tag key and value requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirements | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | subnet_key1 | + | | - Must be unique for each subnet. | | + | | - Can contain a maximum of 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain a maximum of 43 characters. | subnet-01 | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ 7. Click **OK**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst index e7e7eed..741979c 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_3_assign_an_eip_and_bind_it_to_an_ecs.rst @@ -81,27 +81,27 @@ Assigning an EIP .. table:: **Table 2** EIP tag requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirement | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | Ipv4_key1 | - | | - The key value must be unique for the same EIP. | | - | | - Can contain up to 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain up to 43 characters. | 3005eip | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirement | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | Ipv4_key1 | + | | - The key value must be unique for the same EIP. | | + | | - Can contain up to 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain up to 43 characters. | 3005eip | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ #. Click **Create Now**. @@ -122,7 +122,7 @@ Binding an EIP #. Click **OK**. -An IPv6 client on the Internet can access the ECS that has an EIP bound in a VPC. For details, see :ref:`How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? ` +An IPv6 client on the internet can access the ECS that has an EIP bound in a VPC. For details, see `How Does an IPv6 Client on the Internet Access the ECS That Has an EIP Bound in a VPC? `__ Follow-Up Procedure ------------------- @@ -131,7 +131,7 @@ After an ECS with an EIP bound is created, the system generates a domain name in You can use any of the following commands to obtain the domain name of an EIP: -- ping -a *EIP* +- ping -an *EIP* - nslookup [-qt=ptr] *EIP* - dig -x *EIP* diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst index 5a1df78..290395e 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_4_create_a_security_group.rst @@ -14,6 +14,61 @@ If your instances have different Internet access requirements, you can allocate Each ECS must be associated with at least one security group. If you do not have a security group when creating an ECS, the system provides a default security group. +Security Group Templates +------------------------ + +The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. :ref:`Table 1 ` describes the security group templates. + +.. _vpc_qs_0012__en-us_topic_0013748715_table117828131111: + +.. table:: **Table 1** Security group templates + + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Template | Direction | Protocol/Port/Type | Source/Destination | Description | Application Scenario | + +============================+===========+==========================+====================+===================================================================================================================================+============================================================================================================================================================================================================================+ + | General-purpose web server | Inbound | TCP: 22 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 22 (SSH) for remotely logging in to Linux ECSs. | - Remotely log in to ECSs. | + | | | | | | - Use the ping command to test ECS connectivity. | + | | | | | | - ECSs functioning as web servers provide website access services. | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 3389 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 3389 (RDP) for remotely logging in to Windows ECSs. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 80 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 80 (HTTP) for visiting websites. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | TCP: 443 (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over port 443 (HTTPS) for visiting websites. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | ICMP: All (IPv4) | 0.0.0.0/0 | Allows all IPv4 addresses to access ECSs in the security group over any port for using the ping command to test ECS connectivity. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | All ports open | Inbound | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | Opening all ECS ports in a security group poses security risks. | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | All (IPv4) | 0.0.0.0/0 | Allows all IP addresses to access ECSs in the security group over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | Fast-add rule | Inbound | All (IPv4) | sg-xxx | Allows ECSs in the security group to communicate with each other. | You can select protocols and ports that the inbound rule will apply to. | + | | | | | | | + | | | All (IPv6) | | | If you do not select any protocols and ports, no protocols and ports will be opened. After the security group is created, add required rules by referring to :ref:`Adding a Security Group Rule `. | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | | Custom port and protocol | 0.0.0.0/0 | Allows all IP addresses to access ECSs in a security group over specified ports (TCP or ICMP) for different purposes. | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + | | Outbound | All (IPv4) | 0.0.0.0/0 | Allows access from ECSs in the security group to any IP address over any port. | | + | | | | | | | + | | | All (IPv6) | ::/0 | | | + +----------------------------+-----------+--------------------------+--------------------+-----------------------------------------------------------------------------------------------------------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ + Procedure --------- @@ -41,41 +96,39 @@ Procedure **Figure 1** Create Security Group - .. table:: **Table 1** Parameter description + .. table:: **Table 2** Parameter description - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Parameter | Description | Example Value | - +=======================+=======================================================================================================================================================================================================================================================================+============================+ - | Name | Mandatory | sg-AB | - | | | | - | | Enter the security group name. | | - | | | | - | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | - | | | | - | | .. note:: | | - | | | | - | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Enterprise Project | Mandatory | default | - | | | | - | | When creating a security group, you can add the security group to an enabled enterprise project. | | - | | | | - | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Template | Mandatory | General-purpose web server | - | | | | - | | A template comes with default security group rules, helping you quickly create security groups. The following templates are provided: | | - | | | | - | | - **Custom**: This template allows you to create security groups with custom security group rules. | | - | | - **General-purpose web server** (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389. | | - | | - **All ports open**: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Description | Optional | N/A | - | | | | - | | Supplementary information about the security group. This parameter is optional. | | - | | | | - | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Parameter | Description | Example Value | + +=======================+================================================================================================================================================================================================================================+============================+ + | Name | Mandatory | sg-AB | + | | | | + | | Enter the security group name. | | + | | | | + | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | + | | | | + | | .. note:: | | + | | | | + | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Enterprise Project | Mandatory | default | + | | | | + | | When creating a security group, you can add the security group to an enabled enterprise project. | | + | | | | + | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Template | Mandatory | General-purpose web server | + | | | | + | | The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. | | + | | | | + | | :ref:`Table 1 ` describes the security group templates. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Description | Optional | N/A | + | | | | + | | Supplementary information about the security group. This parameter is optional. | | + | | | | + | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ #. Confirm the inbound and outbound rules of the template and click **OK**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst index 8d1886e..80c0e7a 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_access_the_internet_using_eips/step_5_add_a_security_group_rule.rst @@ -65,36 +65,36 @@ Procedure .. table:: **Table 1** Inbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | - | | | | - | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + | | | | + | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. @@ -116,34 +116,34 @@ Procedure .. table:: **Table 2** Outbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_1_create_a_vpc.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_1_create_a_vpc.rst index 5c75313..67d42e6 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_1_create_a_vpc.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_1_create_a_vpc.rst @@ -29,6 +29,12 @@ Procedure A default subnet will be created together with a VPC and you can also click **Add Subnet** to create more subnets for the VPC. + + .. figure:: /_static/images/en-us_image_0000001865837676.png + :alt: **Figure 1** Create a VPC and subnet + + **Figure 1** Create a VPC and subnet + .. table:: **Table 1** VPC parameter descriptions +-------------------------------------+------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------+ @@ -108,7 +114,7 @@ Procedure | | - Uppercase letters | | | | - Lowercase letters | | | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | +-----------------------+------------------------------------------------------------------------+-----------------------+ | Value | - Can contain a maximum of 43 characters. | vpc-01 | | | - Can contain only the following character types: | | @@ -116,34 +122,34 @@ Procedure | | - Uppercase letters | | | | - Lowercase letters | | | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | +-----------------------+------------------------------------------------------------------------+-----------------------+ .. _vpc_qs_0005__en-us_topic_0013935842_table6536185812515: .. table:: **Table 3** Subnet tag key and value requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirements | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | subnet_key1 | + | | - Must be unique for each subnet. | | + | | - Can contain a maximum of 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain a maximum of 43 characters. | subnet-01 | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ #. Click **Create Now**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst index d599bf4..7b38db0 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_2_create_a_subnet_for_the_vpc.rst @@ -81,27 +81,27 @@ Procedure .. table:: **Table 2** Subnet tag key and value requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirements | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | subnet_key1 | + | | - Must be unique for each subnet. | | + | | - Can contain a maximum of 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain a maximum of 43 characters. | subnet-01 | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ 7. Click **OK**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst index f60cb13..2c6814e 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_3_create_a_security_group.rst @@ -43,39 +43,37 @@ Procedure .. table:: **Table 1** Parameter description - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Parameter | Description | Example Value | - +=======================+=======================================================================================================================================================================================================================================================================+============================+ - | Name | Mandatory | sg-AB | - | | | | - | | Enter the security group name. | | - | | | | - | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | - | | | | - | | .. note:: | | - | | | | - | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Enterprise Project | Mandatory | default | - | | | | - | | When creating a security group, you can add the security group to an enabled enterprise project. | | - | | | | - | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Template | Mandatory | General-purpose web server | - | | | | - | | A template comes with default security group rules, helping you quickly create security groups. The following templates are provided: | | - | | | | - | | - **Custom**: This template allows you to create security groups with custom security group rules. | | - | | - **General-purpose web server** (default value): The security group that you create using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389. | | - | | - **All ports open**: The security group that you create using this template includes default rules that allow inbound traffic on any port. Note that allowing inbound traffic on any port poses security risks. | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ - | Description | Optional | N/A | - | | | | - | | Supplementary information about the security group. This parameter is optional. | | - | | | | - | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Parameter | Description | Example Value | + +=======================+================================================================================================================================================================================================================================+============================+ + | Name | Mandatory | sg-AB | + | | | | + | | Enter the security group name. | | + | | | | + | | The security group name can contain a maximum of 64 characters, which may consist of letters, digits, underscores (_), hyphens (-), and periods (.). The name cannot contain spaces. | | + | | | | + | | .. note:: | | + | | | | + | | You can change the security group name after a security group is created. It is recommended that you give each security group a different name. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Enterprise Project | Mandatory | default | + | | | | + | | When creating a security group, you can add the security group to an enabled enterprise project. | | + | | | | + | | An enterprise project facilitates project-level management and grouping of cloud resources and users. The name of the default project is **default**. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Template | Mandatory | General-purpose web server | + | | | | + | | The system provides several security group templates for you to create a security group. A security group template has preconfigured inbound and outbound rules. You can select a template based on your service requirements. | | + | | | | + | | :ref:`Table 1 ` describes the security group templates. | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ + | Description | Optional | N/A | + | | | | + | | Supplementary information about the security group. This parameter is optional. | | + | | | | + | | The security group description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+----------------------------+ #. Confirm the inbound and outbound rules of the template and click **OK**. diff --git a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst index 1e544a0..605931c 100644 --- a/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst +++ b/umn/source/getting_started/configuring_a_vpc_for_ecss_that_do_not_require_internet_access/step_4_add_a_security_group_rule.rst @@ -65,36 +65,36 @@ Procedure .. table:: **Table 1** Inbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+====================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Source | Source of the security group rule. The value can be an IP address, a security group, or an IP address group to allow access from IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The source is from another security group. You can select a security group in the same region under the current account from the drop-down list. Instance A is in security group A and instance B is in security group B. If security group A has an inbound rule with **Action** set to **Allow** and **Source** set to security group B, access from instance B is allowed to instance A. | | - | | | | - | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Source | Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + | | | | + | | If the source is a security group, this rule will apply to all instances associated with the selected security group. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. @@ -116,34 +116,34 @@ Procedure .. table:: **Table 2** Outbound rule parameter description - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Parameter | Description | Example Value | - +=======================+============================================================================================================================================================================================================================================================================================================================================================================================================================================+=======================+ - | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | - | | | | - | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Type | Source IP address version. You can select: | IPv4 | - | | | | - | | - IPv4 | | - | | - IPv6 | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: | 0.0.0.0/0 | - | | | | - | | - IP address: | | - | | | | - | | - Single IP address: 192.168.10.10/32 | | - | | - All IP addresses: 0.0.0.0/0 | | - | | - IP address range: 192.168.1.0/24 | | - | | | | - | | - **Security group**: The destination is from another security group. You can select a security group in the same region under the current account from the drop-down list. For example, instance A is in security group A and instance B is in security group B. If security group A has an outbound rule with **Action** set to **Allow** and **Destination** set to security group B, access from instance A is allowed to instance B. | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ - | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | - | | | | - | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | - +-----------------------+--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Parameter | Description | Example Value | + +=======================+===============================================================================================================================================================================================================================================================================================================================================================+=======================+ + | Protocol & Port | The network protocol used to match traffic in a security group rule. | TCP | + | | | | + | | Currently, the value can be **All**, **TCP**, **UDP**, **GRE**, **ICMP**, or more. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | | **Port**: The port or port range over which traffic can leave your ECS. The value can be from 1 to 65535. | 22, or 22-30 | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Type | Source IP address version. You can select: | IPv4 | + | | | | + | | - IPv4 | | + | | - IPv6 | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Destination | Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. | 0.0.0.0/0 | + | | | | + | | - IP address: | | + | | | | + | | - Single IP address: 192.168.10.10/32 | | + | | - All IP addresses: 0.0.0.0/0 | | + | | - IP address range: 192.168.1.0/24 | | + | | | | + | | - **Security group**: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A. | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Description | Supplementary information about the security group rule. This parameter is optional. | N/A | + | | | | + | | The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (< or >). | | + +-----------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ #. Click **OK**. diff --git a/umn/source/monitoring/creating_an_alarm_rule.rst b/umn/source/monitoring/creating_an_alarm_rule.rst index 89a4d13..cfe6898 100644 --- a/umn/source/monitoring/creating_an_alarm_rule.rst +++ b/umn/source/monitoring/creating_an_alarm_rule.rst @@ -23,6 +23,12 @@ Procedure 5. On the **Alarm Rules** page, click **Create Alarm Rule** and set required parameters, or modify an existing alarm rule. + + .. figure:: /_static/images/en-us_image_0000001865898552.png + :alt: **Figure 1** Create an alarm rule + + **Figure 1** Create an alarm rule + 6. After the parameters are set, click **Create**. After the alarm rule is created, the system automatically notifies you if an alarm is triggered for the VPC service. diff --git a/umn/source/route_tables/managing_route_tables/creating_a_custom_route_table.rst b/umn/source/route_tables/managing_route_tables/creating_a_custom_route_table.rst index a467fdd..d1d571a 100644 --- a/umn/source/route_tables/managing_route_tables/creating_a_custom_route_table.rst +++ b/umn/source/route_tables/managing_route_tables/creating_a_custom_route_table.rst @@ -31,7 +31,7 @@ Procedure 5. In the upper right corner, click **Create Route Table**. On the displayed page, configure parameters as prompted. - .. figure:: /_static/images/en-us_image_0000001818983038.png + .. figure:: /_static/images/en-us_image_0000001865582789.png :alt: **Figure 1** Create Route Table **Figure 1** Create Route Table diff --git a/umn/source/route_tables/managing_route_tables/viewing_route_table_information.rst b/umn/source/route_tables/managing_route_tables/viewing_route_table_information.rst index 287b79d..94a6de1 100644 --- a/umn/source/route_tables/managing_route_tables/viewing_route_table_information.rst +++ b/umn/source/route_tables/managing_route_tables/viewing_route_table_information.rst @@ -32,7 +32,20 @@ Procedure The route table details page is displayed. a. On the **Summary** tab page, view the basic information and routes of the route table. + + + .. figure:: /_static/images/en-us_image_0000001866063864.png + :alt: **Figure 1** View the basic information and routes of the route table + + **Figure 1** View the basic information and routes of the route table + b. On the **Associated Subnets** tab page, view the subnets associated with the route table. + + .. figure:: /_static/images/en-us_image_0000001911853289.png + :alt: **Figure 2** View the subnets associated with the route table + + **Figure 2** View the subnets associated with the route table + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865582825.png diff --git a/umn/source/route_tables/managing_route_tables/viewing_the_route_table_associated_with_a_subnet.rst b/umn/source/route_tables/managing_route_tables/viewing_the_route_table_associated_with_a_subnet.rst index 0769822..bc69042 100644 --- a/umn/source/route_tables/managing_route_tables/viewing_the_route_table_associated_with_a_subnet.rst +++ b/umn/source/route_tables/managing_route_tables/viewing_the_route_table_associated_with_a_subnet.rst @@ -31,9 +31,21 @@ Procedure 6. In the right of the subnet details page, view the route table associated with the subnet. + + .. figure:: /_static/images/en-us_image_0000001911849797.png + :alt: **Figure 1** View the route table associated with a subnet + + **Figure 1** View the route table associated with a subnet + 7. Click the name of the route table. The route table details page is displayed. You can further view the route information. + + .. figure:: /_static/images/en-us_image_0000001911771617.png + :alt: **Figure 2** View the basic information and routes of the route table + + **Figure 2** View the basic information and routes of the route table + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865582701.png diff --git a/umn/source/route_tables/managing_routes/adding_a_custom_route.rst b/umn/source/route_tables/managing_routes/adding_a_custom_route.rst index 63d8f33..b666c1d 100644 --- a/umn/source/route_tables/managing_routes/adding_a_custom_route.rst +++ b/umn/source/route_tables/managing_routes/adding_a_custom_route.rst @@ -35,7 +35,7 @@ Procedure You can click **+** to add more routes. - .. figure:: /_static/images/en-us_image_0000001818823258.png + .. figure:: /_static/images/en-us_image_0000001865582793.png :alt: **Figure 1** Add Route **Figure 1** Add Route @@ -45,6 +45,12 @@ Procedure +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ | Parameter | Description | Example Value | +=======================+======================================================================================================================================================================+========================+ + | Destination Type | Mandatory | IP address | + | | | | + | | The destination can be: | | + | | | | + | | - IP address: single IP address or IP address range | | + +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+------------------------+ | Destination | Mandatory | IPv4: 192.168.0.0/16 | | | | | | | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | | diff --git a/umn/source/route_tables/managing_routes/modifying_a_route.rst b/umn/source/route_tables/managing_routes/modifying_a_route.rst index 2100ef8..c0b34f1 100644 --- a/umn/source/route_tables/managing_routes/modifying_a_route.rst +++ b/umn/source/route_tables/managing_routes/modifying_a_route.rst @@ -40,7 +40,13 @@ Procedure +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ | Item | Description | Example Value | +=======================+======================================================================================================================================================================+=======================+ - | Destination | Mandatory | Pv4: 192.168.0.0/16 | + | Destination Type | Mandatory | IP address | + | | | | + | | The destination can be: | | + | | | | + | | - **IP address**: Select this option if you want to enter an IP address or IP address range. | | + +-----------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------------------+-----------------------+ + | Destination | Mandatory | IPv4: 192.168.0.0/16 | | | | | | | Enter the destination of the route. You can enter a single IP address or an IP address range in CIDR notation. | | | | | | diff --git a/umn/source/virtual_ip_address/assigning_a_virtual_ip_address.rst b/umn/source/virtual_ip_address/assigning_a_virtual_ip_address.rst index 1925871..aa30bf3 100644 --- a/umn/source/virtual_ip_address/assigning_a_virtual_ip_address.rst +++ b/umn/source/virtual_ip_address/assigning_a_virtual_ip_address.rst @@ -27,6 +27,12 @@ Procedure #. Click the **IP Addresses** tab and click **Assign Virtual IP Address**. + + .. figure:: /_static/images/en-us_image_0000001866046474.png + :alt: **Figure 1** Assign a virtual IP address + + **Figure 1** Assign a virtual IP address + #. Select an IP address type. This parameter is available only in regions supporting IPv6. - IPv4 diff --git a/umn/source/vpc_and_subnet/subnet/creating_a_subnet_for_the_vpc.rst b/umn/source/vpc_and_subnet/subnet/creating_a_subnet_for_the_vpc.rst index c72b29e..9a5441b 100644 --- a/umn/source/vpc_and_subnet/subnet/creating_a_subnet_for_the_vpc.rst +++ b/umn/source/vpc_and_subnet/subnet/creating_a_subnet_for_the_vpc.rst @@ -81,27 +81,27 @@ Procedure .. table:: **Table 2** Subnet tag key and value requirements - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Parameter | Requirements | Example Value | - +=======================+=====================================================================+=======================+ - | Key | - Cannot be left blank. | subnet_key1 | - | | - Must be unique for each subnet. | | - | | - Can contain a maximum of 36 characters. | | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ - | Value | - Can contain a maximum of 43 characters. | subnet-01 | - | | - Can contain only the following character types: | | - | | | | - | | - Uppercase letters | | - | | - Lowercase letters | | - | | - Digits | | - | | - Special characters, including hyphens (-) and underscores (_) | | - +-----------------------+---------------------------------------------------------------------+-----------------------+ + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Parameter | Requirements | Example Value | + +=======================+========================================================================+=======================+ + | Key | - Cannot be left blank. | subnet_key1 | + | | - Must be unique for each subnet. | | + | | - Can contain a maximum of 36 characters. | | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only hyphens (-), underscores (_), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ + | Value | - Can contain a maximum of 43 characters. | subnet-01 | + | | - Can contain only the following character types: | | + | | | | + | | - Uppercase letters | | + | | - Lowercase letters | | + | | - Digits | | + | | - Only underscores (_), hyphens (-), and at signs (@) are allowed. | | + +-----------------------+------------------------------------------------------------------------+-----------------------+ 7. Click **OK**. diff --git a/umn/source/vpc_and_subnet/subnet/managing_subnet_tags.rst b/umn/source/vpc_and_subnet/subnet/managing_subnet_tags.rst index 9d0e665..f83364f 100644 --- a/umn/source/vpc_and_subnet/subnet/managing_subnet_tags.rst +++ b/umn/source/vpc_and_subnet/subnet/managing_subnet_tags.rst @@ -18,27 +18,27 @@ A tag consists of a key and value pair. :ref:`Table 1 `. diff --git a/umn/source/vpc_peering_connection/modifying_a_vpc_peering_connection.rst b/umn/source/vpc_peering_connection/modifying_a_vpc_peering_connection.rst index 159d7d8..bfff832 100644 --- a/umn/source/vpc_peering_connection/modifying_a_vpc_peering_connection.rst +++ b/umn/source/vpc_peering_connection/modifying_a_vpc_peering_connection.rst @@ -8,7 +8,7 @@ Modifying a VPC Peering Connection Scenarios --------- -This section describes how to modify the name of a VPC peering connection. +This section describes how to modify the basic information about a VPC peering connection, including its name and description. Either owner of a VPC in a peering connection can modify the VPC peering connection in any state. diff --git a/umn/source/vpc_peering_connection/modifying_routes_configured_for_a_vpc_peering_connection.rst b/umn/source/vpc_peering_connection/modifying_routes_configured_for_a_vpc_peering_connection.rst index 183da5d..28f0038 100644 --- a/umn/source/vpc_peering_connection/modifying_routes_configured_for_a_vpc_peering_connection.rst +++ b/umn/source/vpc_peering_connection/modifying_routes_configured_for_a_vpc_peering_connection.rst @@ -36,29 +36,13 @@ Modifying Routes of a VPC Peering Connection Between VPCs in the Same Account The page showing the VPC peering connection details is displayed. -#. Modify the route added to the route table of the local VPC: +#. In the route list, click the route table hyperlink of the route. - a. Click the **Local Routes** tab and then click the **Route Tables** hyperlink. + The route table details page is displayed. - The **Summary** tab of the default route table for the local VPC is displayed. +#. In the route list, locate the route and click **Modify** in the **Operation** column. - b. Locate the row that contains the route to be modified and click **Modify** in the **Operation** column. - - The **Modify Route** dialog box is displayed. - - c. Modify the route and click **OK**. - -#. Modify the route added to the route table of the peer VPC: - - a. Click the **Peer Routes** tab and then click the **Route Tables** hyperlink. - - The **Summary** tab of the default route table for the peer VPC is displayed. - - b. Locate the row that contains the route to be modified and click **Modify** in the **Operation** column. - - The **Modify Route** dialog box is displayed. - - c. Modify the route and click **OK**. +#. Modify the route and click **OK**. .. _vpc_peering_0007__section47866392497: @@ -85,17 +69,13 @@ Only the account owner of a VPC can modify the routes added for the connection. The page showing the VPC peering connection details is displayed. - e. Modify the route added to the route table of the local VPC: + e. In the route list, click the route table hyperlink of the route. - #. Click the **Local Routes** tab and then click the **Route Tables** hyperlink. + The route table details page is displayed. - The **Summary** tab of the default route table for the local VPC is displayed. + f. In the route list, locate the route and click **Modify** in the **Operation** column. - #. Locate the row that contains the route to be modified and click **Modify** in the **Operation** column. - - The **Modify Route** dialog box is displayed. - - #. Modify the route and click **OK**. + g. Modify the route and click **OK**. #. Log in to the management console using the account of the peer VPC and modify the route of the peer VPC by referring to :ref:`1 `. diff --git a/umn/source/vpc_peering_connection/viewing_routes_configured_for_a_vpc_peering_connection.rst b/umn/source/vpc_peering_connection/viewing_routes_configured_for_a_vpc_peering_connection.rst index d8a02d3..5d29f4d 100644 --- a/umn/source/vpc_peering_connection/viewing_routes_configured_for_a_vpc_peering_connection.rst +++ b/umn/source/vpc_peering_connection/viewing_routes_configured_for_a_vpc_peering_connection.rst @@ -36,10 +36,15 @@ Viewing Routes of a VPC Peering Connection Between VPCs in the Same Account The page showing the VPC peering connection details is displayed. -6. View the routes added for the VPC peering connection: +6. In the route list, view the route information. - a. Click the **Local Routes** tab to view the local route added for the VPC peering connection. - b. Click the **Peer Routes** tab to view the peer route added for the VPC peering connection. + You can view the route destination, VPC, next hop, route table, and more. + + + .. figure:: /_static/images/en-us_image_0000001865828728.png + :alt: **Figure 1** View routes of a VPC peering connection between VPCs in the same account + + **Figure 1** View routes of a VPC peering connection between VPCs in the same account .. _vpc_peering_0004__section92403501475: @@ -66,10 +71,24 @@ Only the account owner of a VPC in a VPC peering connection can view the routes The page showing the VPC peering connection details is displayed. - e. Click the **Local Routes** tab to view the local route added for the VPC peering connection. + e. In the route list, view the route information. + + You can view the route destination, VPC, next hop, route table, and more. + + + .. figure:: /_static/images/en-us_image_0000001865833004.png + :alt: **Figure 2** View the local routes of a VPC peering connection between VPCs in different accounts + + **Figure 2** View the local routes of a VPC peering connection between VPCs in different accounts #. Log in to the management console using the account of the peer VPC and view the route of the peer VPC by referring to :ref:`1 `. + + .. figure:: /_static/images/en-us_image_0000001865674836.png + :alt: **Figure 3** View the peer routes of a VPC peering connection between VPCs in different accounts + + **Figure 3** View the peer routes of a VPC peering connection between VPCs in different accounts + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865662765.png .. |image3| image:: /_static/images/en-us_image_0000001818982734.png diff --git a/umn/source/vpc_peering_connection/viewing_vpc_peering_connections.rst b/umn/source/vpc_peering_connection/viewing_vpc_peering_connections.rst index 8b2258d..e928051 100644 --- a/umn/source/vpc_peering_connection/viewing_vpc_peering_connections.rst +++ b/umn/source/vpc_peering_connection/viewing_vpc_peering_connections.rst @@ -31,5 +31,11 @@ Procedure On the displayed page, view details about the VPC peering connection. + + .. figure:: /_static/images/en-us_image_0000001865884494.png + :alt: **Figure 1** View VPC peering connections + + **Figure 1** View VPC peering connections + .. |image1| image:: /_static/images/en-us_image_0000001818982734.png .. |image2| image:: /_static/images/en-us_image_0000001865663213.png