vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/vpc_SecurityGroup_0007.html
Qin Ying, Fan 28eafd163b VPC UMN 20240422 version 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2024-05-06 10:08:31 +00:00

88 lines
13 KiB
HTML
Raw Blame History

<a name="vpc_SecurityGroup_0007"></a><a name="vpc_SecurityGroup_0007"></a>
<h1 class="topictitle1">Importing and Exporting Security Group Rules</h1>
<div id="body1532596616252"><div class="section" id="vpc_SecurityGroup_0007__sb919f19c991141d79a2deb79cec11a15"><h4 class="sectiontitle">Scenarios</h4><p id="vpc_SecurityGroup_0007__p187061813582">You can configure security group rules in an Excel file and import the rules to the security group. You can also export security group rules to an Excel file. You are advised to use this function in the following scenarios:</p>
<ul id="vpc_SecurityGroup_0007__ul13420145795717"><li id="vpc_SecurityGroup_0007__li1942085715578">If you want to quickly create or restore a security group rule, you can import your exported security group rule file to the security group.</li><li id="vpc_SecurityGroup_0007__li13425175916573">If you want to back up security group rules locally, you can export the rules to an Excel file.</li><li id="vpc_SecurityGroup_0007__li9625310125812">If you want to quickly apply the rules of one security group to another, or if you want to modify multiple rules of the current security group at once, you can import or export existing rules.</li></ul>
</div>
<div class="section" id="vpc_SecurityGroup_0007__section108791581539"><h4 class="sectiontitle">Notes and Constraints</h4><ul id="vpc_SecurityGroup_0007__ul78961835941"><li id="vpc_SecurityGroup_0007__li138962035648">The security group rules to be imported must be configured based on the template. Do not add parameters or change existing parameters. Otherwise, the import will fail.</li><li id="vpc_SecurityGroup_0007__li271694161219">Duplicate rules are not allowed, you can delete the rule and try again.</li><li id="vpc_SecurityGroup_0007__li1452682081415">If you want to import rules of the security group in one region to another under one account, only rules with both <strong id="vpc_SecurityGroup_0007__b146312016191411">Source</strong> and <strong id="vpc_SecurityGroup_0007__b1963219167147">Destination</strong> set to <strong id="vpc_SecurityGroup_0007__b16632916141410">IP address</strong> can be applied.</li><li id="vpc_SecurityGroup_0007__li458710241968">If you want to import rules of the security group in one account to the security group in another account, only rules with both <strong id="vpc_SecurityGroup_0007__b19482544103915">Source</strong> and <strong id="vpc_SecurityGroup_0007__b8482124420390">Destination</strong> set to <strong id="vpc_SecurityGroup_0007__b114828444398">IP address</strong> can be applied.</li></ul>
</div>
<div class="section" id="vpc_SecurityGroup_0007__s11af639d48c249b7931632bf078259f9"><h4 class="sectiontitle">Procedure</h4><ol id="vpc_SecurityGroup_0007__o6443fe3091504324ae187734a064656b"><li id="vpc_SecurityGroup_0007__li2849879021595">Log in to the management console.</li><li id="vpc_SecurityGroup_0007__li840318282158">Click <span><img id="vpc_SecurityGroup_0007__en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="vpc_SecurityGroup_0007__li65321958215">Click <span><img id="vpc_SecurityGroup_0007__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001865582585.png"></span> in the upper left corner and choose <strong id="vpc_SecurityGroup_0007__b3897143918359"><span id="vpc_SecurityGroup_0007__text10897193973516">Network</span><span id="vpc_SecurityGroup_0007__text489723903517"></span></strong> &gt; <strong id="vpc_SecurityGroup_0007__b11897739193516">Virtual Private Cloud</strong>.<p id="vpc_SecurityGroup_0007__p1182103318256">The <strong id="vpc_SecurityGroup_0007__b1515934663513">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="vpc_SecurityGroup_0007__li15281162517570">In the navigation pane on the left, choose <strong id="vpc_SecurityGroup_0007__b177418281484">Access Control</strong> &gt; <strong id="vpc_SecurityGroup_0007__b137414281889">Security Groups</strong>.<p id="vpc_SecurityGroup_0007__p40747164518">The security group list is displayed.</p>
</li><li id="vpc_SecurityGroup_0007__li14326105618270">On the security group list, click the name of the target security group.<p id="vpc_SecurityGroup_0007__p18516150122813"><a name="vpc_SecurityGroup_0007__li14326105618270"></a><a name="li14326105618270"></a>The security group details page is displayed.</p>
</li><li id="vpc_SecurityGroup_0007__li1858140142816">Export and import security group rules.<ul id="vpc_SecurityGroup_0007__ul663754418286"><li id="vpc_SecurityGroup_0007__li66371344192817">Click <span><img id="vpc_SecurityGroup_0007__image1635210183343" src="en-us_image_0000001818823050.png"></span> to export all rules of the current security group to an Excel file.</li><li id="vpc_SecurityGroup_0007__li13637114492815">Click <span><img id="vpc_SecurityGroup_0007__image1960102819356" src="en-us_image_0000001818982838.png"></span> to import security group rules from an Excel file into the current security group.<div class="p" id="vpc_SecurityGroup_0007__p201019480251"><a href="#vpc_SecurityGroup_0007__table111445216564">Table 1</a> describes the parameters in the template for importing rules.
<div class="tablenoborder"><a name="vpc_SecurityGroup_0007__table111445216564"></a><a name="table111445216564"></a><table cellpadding="4" cellspacing="0" summary="" id="vpc_SecurityGroup_0007__table111445216564" width="90%" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Template parameters</caption><thead align="left"><tr id="vpc_SecurityGroup_0007__row1811565205613"><th align="left" class="cellrowborder" valign="top" width="12.7%" id="mcps1.3.3.2.6.1.2.2.2.2.4.1.1"><p id="vpc_SecurityGroup_0007__p51151452125620">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.3%" id="mcps1.3.3.2.6.1.2.2.2.2.4.1.2"><p id="vpc_SecurityGroup_0007__p5115552175613">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.3.2.6.1.2.2.2.2.4.1.3"><p id="vpc_SecurityGroup_0007__p711565219563">Example Value</p>
</th>
</tr>
</thead>
<tbody><tr id="vpc_SecurityGroup_0007__row1116975252612"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p11170105215264">Direction</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><div class="p" id="vpc_SecurityGroup_0007__p2017085217268">The direction in which the security group rule takes effect. <ul id="vpc_SecurityGroup_0007__ul124611719113210"><li id="vpc_SecurityGroup_0007__li1146111194322"><strong id="vpc_SecurityGroup_0007__b9701375345">Inbound</strong>: Inbound rules control incoming traffic to instances in the security group.</li><li id="vpc_SecurityGroup_0007__li2461141903214"><strong id="vpc_SecurityGroup_0007__b19239584341">Outbound</strong>: Outbound rules control outgoing traffic from instances in the security group.</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p21703526267">Inbound</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row9115105219562"><td class="cellrowborder" rowspan="2" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p151157525565">Protocol &amp; Port</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><p id="vpc_SecurityGroup_0007__p1711515526562">The network protocol used to match traffic in a security group rule.</p>
<p id="vpc_SecurityGroup_0007__p351414253416">Currently, the value can be <strong id="vpc_SecurityGroup_0007__b175127619775049">All</strong>, <strong id="vpc_SecurityGroup_0007__b98084022575049">TCP</strong>, <strong id="vpc_SecurityGroup_0007__b12139580175049">UDP</strong>, <strong id="vpc_SecurityGroup_0007__b48561436475049">GRE</strong>, <strong id="vpc_SecurityGroup_0007__b36015533275049">ICMP</strong>, or more.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p193908441914">TCP</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row6510532121511"><td class="cellrowborder" valign="top" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p12230141919283"><strong id="vpc_SecurityGroup_0007__b8701057121813">Port</strong>: The port or port range over which traffic can reach your ECS. The value can be from 1 to 65535.</p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><p id="vpc_SecurityGroup_0007__p1551023251511">22, or 22-30</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row1726912412166"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p1826920421620">Type</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><div class="p" id="vpc_SecurityGroup_0007__p1426910441613">Source IP address version. You can select:<ul id="vpc_SecurityGroup_0007__en-us_topic_0118534005_ul15119151171711"><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li1211911171719">IPv4</li><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li4415118173">IPv6</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p848952751718">IPv4</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row511615528561"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p86899991813">Source</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><div class="p" id="vpc_SecurityGroup_0007__p18116175212564">Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. <ul id="vpc_SecurityGroup_0007__en-us_topic_0118534005_ul12116352195619"><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li0541721414">IP address:<ul id="vpc_SecurityGroup_0007__en-us_topic_0118534005_ul554172946"><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li19301951584">Single IP address: 192.168.10.10/32</li><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li530357816">All IP addresses: 0.0.0.0/0</li><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li330351881">IP address range: 192.168.1.0/24</li></ul>
</li><li id="vpc_SecurityGroup_0007__en-us_topic_0118534005_li1593411297324"><strong id="vpc_SecurityGroup_0007__b1687272015108">Security group</strong>: The source is from another security group. You can select a security group in the same region from the drop-down list. If there is instance A in security group A and instance B in security group B, and the inbound rule of security group A allows traffic from security group B, traffic is allowed from instance B to instance A.</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p611613524569">sg-test[96a8a93f-XXX-d7872990c314]</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row155972039183215"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p15617623172315">Destination</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><p id="vpc_SecurityGroup_0007__p196171823152315">Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. </p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p4617102352310">sg-test[96a8a93f-XXX-d7872990c314]</p>
</td>
</tr>
<tr id="vpc_SecurityGroup_0007__row111615525565"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.1 "><p id="vpc_SecurityGroup_0007__p1711655217565">Description</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.2 "><p id="vpc_SecurityGroup_0007__p1211611525564">(Optional) Supplementary information about the security group rule.</p>
<p id="vpc_SecurityGroup_0007__p6116175225613">The route description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.3.2.6.1.2.2.2.2.4.1.3 "><p id="vpc_SecurityGroup_0007__p3116115216568">-</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</li></ul>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0013.html">Managing Security Group Rules</a></div>
</div>
</div>
View Git Blame Copy Permalink