vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/SecurityGroup_0003.html
Qin Ying, Fan 662ede2c6b VPC UMN 20240105 version 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2024-04-18 12:13:40 +00:00

55 lines
5.1 KiB
HTML
Raw Permalink Blame History

<a name="SecurityGroup_0003"></a><a name="SecurityGroup_0003"></a>
<h1 class="topictitle1">Default Security Group and Its Rules</h1>
<div id="body1529924412907"><div class="p" id="SecurityGroup_0003__p38211617154214">If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance when you create it. A default security group has the following rules:<ul id="SecurityGroup_0003__ul13643173351019"><li id="SecurityGroup_0003__li164313371013">Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.</li><li id="SecurityGroup_0003__li176437339108">Outbound rules allow all outbound traffic and response traffic to the outbound requests.</li></ul>
</div>
<div class="fignone" id="SecurityGroup_0003__fig997718156161"><span class="figcap"><b>Figure 1 </b>Default security group</span><br><span><img class="eddx" id="SecurityGroup_0003__image22171236172514" src="en-us_image_0000001865662829.png"></span></div>
<div class="note" id="SecurityGroup_0003__note154069174516"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="SecurityGroup_0003__ul13707733161311"><li id="SecurityGroup_0003__li04874352138">You cannot delete the default security group, but you can modify existing rules or add rules to the group.</li><li id="SecurityGroup_0003__li131365102713">The default security group denies all external requests. To log in to an instance associated with this security group, add a security group rule by referring to <a href="en-us_topic_0081124350.html#en-us_topic_0081124350__section14933617154810">Remotely Logging In to an ECS from a Local Server</a>.</li></ul>
</div></div>
<p id="SecurityGroup_0003__p14738751115618"><a href="#SecurityGroup_0003__table493045171919">Table 1</a> describes the default rules for the default security group.</p>
<div class="tablenoborder"><a name="SecurityGroup_0003__table493045171919"></a><a name="table493045171919"></a><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0003__table493045171919" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Default security group rules</caption><thead align="left"><tr id="SecurityGroup_0003__row12930145141920"><th align="left" class="cellrowborder" valign="top" width="11.83%" id="mcps1.3.5.2.6.1.1"><p id="SecurityGroup_0003__p3930145118194">Direction</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.97%" id="mcps1.3.5.2.6.1.2"><p id="SecurityGroup_0003__p129301851131913">Protocol</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.5.2.6.1.3"><p id="SecurityGroup_0003__p093075141919">Port/Range</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25.22%" id="mcps1.3.5.2.6.1.4"><p id="SecurityGroup_0003__p149306511191">Source/Destination</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="35.980000000000004%" id="mcps1.3.5.2.6.1.5"><p id="SecurityGroup_0003__p99301851161916">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="SecurityGroup_0003__row17931125111193"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1593111518191">Outbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p19931105117191">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p15931651181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p179318515196">Destination: 0.0.0.0/0</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p49315518196">Allows all outbound traffic.</p>
</td>
</tr>
<tr id="SecurityGroup_0003__row109311451131911"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1293111513193">Inbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p1493105115194">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p1593155181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p593115141917">Source: the current security group (for example, sg-<em id="SecurityGroup_0003__i2138146127154428">xxxxx</em>)</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p2931151121912">Allows communications among ECSs within the security group and denies all inbound traffic (incoming data packets).</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
</div>
</div>
View Git Blame Copy Permalink