vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/SecurityGroup_0004.html
fanqinying 44c0250eec VPC UMN 20241008 version 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: fanqinying <fanqinying@huawei.com>
Co-committed-by: fanqinying <fanqinying@huawei.com>
2024-11-21 10:14:33 +00:00

149 lines
17 KiB
HTML
Raw Blame History

<a name="SecurityGroup_0004"></a><a name="SecurityGroup_0004"></a>
<h1 class="topictitle1">Fast-Adding Security Group Rules</h1>
<div id="body1529924415554"><div class="section" id="SecurityGroup_0004__section75471104513"><h4 class="sectiontitle">Scenarios</h4><p id="SecurityGroup_0004__p1185514308553">The fast-adding rule function of security groups allows you to quickly add rules with common ports and protocols for remote login, ping tests, common web services, and database services.</p>
</div>
<div class="section" id="SecurityGroup_0004__section5619104211210"><h4 class="sectiontitle">Procedure</h4><ol id="SecurityGroup_0004__ol193620537316"><li id="SecurityGroup_0004__li2849879021595">Log in to the management console.</li></ol><ol start="2" id="SecurityGroup_0004__ol1527262085715"><li id="SecurityGroup_0004__li11279102515716">Click <span><img id="SecurityGroup_0004__en-us_topic_0118498823_image338921514480" src="en-us_image_0000001818982734.png"></span> in the upper left corner and select the desired region and project.</li><li id="SecurityGroup_0004__li65321958215">Click <span><img id="SecurityGroup_0004__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001818982858.png"></span> in the upper left corner and choose <strong id="SecurityGroup_0004__b16700132282918"><span id="SecurityGroup_0004__text137001822112915">Network</span><span id="SecurityGroup_0004__text8700132217298"></span></strong> &gt; <strong id="SecurityGroup_0004__b070062213298">Virtual Private Cloud</strong>.<p id="SecurityGroup_0004__p1182103318256">The <strong id="SecurityGroup_0004__b317112962914">Virtual Private Cloud</strong> page is displayed.</p>
</li><li id="SecurityGroup_0004__li18692101019111">In the navigation pane on the left, choose <strong id="SecurityGroup_0004__b73192488916">Access Control</strong> &gt; <strong id="SecurityGroup_0004__b131914485916">Security Groups</strong>.<p id="SecurityGroup_0004__p40747164518">The security group list is displayed.</p>
</li><li id="SecurityGroup_0004__li107071926124612">Locate the row that contains the target security group and click <strong id="SecurityGroup_0004__b126239513917">Manage Rules</strong> in the <strong id="SecurityGroup_0004__b1062355118920">Operation</strong> column.<p id="SecurityGroup_0004__p7920227204615">The page for configuring security group rules is displayed.</p>
</li><li id="SecurityGroup_0004__li1063572655813">On the <strong id="SecurityGroup_0004__b144791401105">Inbound Rules</strong> tab, click <strong id="SecurityGroup_0004__b1547914017109">Fast-Add Rule</strong>.<p id="SecurityGroup_0004__p1442168204914">The <strong id="SecurityGroup_0004__b3732142121018">Fast-Add Inbound Rule</strong> dialog box is displayed.</p>
</li><li id="SecurityGroup_0004__li468912151226">Configure required parameters.<div class="p" id="SecurityGroup_0004__p18991191312513"><a name="SecurityGroup_0004__li468912151226"></a><a name="li468912151226"></a><div class="fignone" id="SecurityGroup_0004__fig126185585719"><span class="figcap"><b>Figure 1 </b>Fast-Add Inbound Rule</span><br><span><img id="SecurityGroup_0004__image17655514575" src="en-us_image_0000002029168046.png"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0004__table111445216564" width="90%" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Inbound rule parameter description</caption><thead align="left"><tr id="SecurityGroup_0004__row1811565205613"><th align="left" class="cellrowborder" valign="top" width="12.7%" id="mcps1.3.2.3.6.1.2.2.4.1.1"><p id="SecurityGroup_0004__p51151452125620">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.3%" id="mcps1.3.2.3.6.1.2.2.4.1.2"><p id="SecurityGroup_0004__p5115552175613">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.6.1.2.2.4.1.3"><p id="SecurityGroup_0004__p711565219563">Example Value</p>
</th>
</tr>
</thead>
<tbody><tr id="SecurityGroup_0004__row1752312142513"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p19524121411512">Protocols and Ports</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p85249141455">Common protocols and ports are provided for:</p>
<ul id="SecurityGroup_0004__ul7923410716"><li id="SecurityGroup_0004__li11921447719">Remote login and ping</li><li id="SecurityGroup_0004__li1931241170">Web services</li><li id="SecurityGroup_0004__li4931244711">Databases</li></ul>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p105245148517">SSH (22)</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row1726912412166"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p145615655012">Type</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p1426910441613">Source IP address version. You can select:<ul id="SecurityGroup_0004__ul15119151171711"><li id="SecurityGroup_0004__li1211911171719">IPv4</li><li id="SecurityGroup_0004__li4415118173">IPv6</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p848952751718">IPv4</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row511615528561"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p86899991813">Source</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p18116175212564">Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. You can specify:<ul id="SecurityGroup_0004__ul12116352195619"><li id="SecurityGroup_0004__li18391357452">xxx.xxx.xxx.xxx/32 (IPv4 address)</li><li id="SecurityGroup_0004__li6529544124510">xxx.xxx.xxx.0/24 (IPv4 address range)</li><li id="SecurityGroup_0004__li06004484454">0.0.0.0/0 (all IPv4 addresses)</li><li id="SecurityGroup_0004__li1611612527567">sg-abc (security group)</li></ul>
</div>
<p id="SecurityGroup_0004__p1252129194014">If the source is a security group, this rule will apply to all instances associated with the selected security group.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p611613524569">0.0.0.0/0</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row187668471842"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p1394314020715">Action</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p544113202145">Allow or Deny<ul id="SecurityGroup_0004__en-us_topic_0118534005_ul490721712116"><li id="SecurityGroup_0004__en-us_topic_0118534005_li1194212336196">If the <strong id="SecurityGroup_0004__b178008948810144">Action</strong> is set to <strong id="SecurityGroup_0004__b17094006810144">Allow</strong>, access from the source is allowed to ECSs in the security group over specified ports.</li><li id="SecurityGroup_0004__en-us_topic_0118534005_li17907131751116">If the <strong id="SecurityGroup_0004__b1995315323266">Action</strong> is set to <strong id="SecurityGroup_0004__b1295314327261">Deny</strong>, access from the source is denied to ECSs in the security group over specified ports.</li></ul>
</div>
<p id="SecurityGroup_0004__p6192322932">Deny rules take precedence over allow rules of the same priority.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p149431640575">Allow</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row1345544161011"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p7490135617111">Priority</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p39329432150">Security group rule priority.</p>
<p id="SecurityGroup_0004__p94904561715">The priority value is from 1 to 100. The default value is 1 and has the highest priority. The security group rule with a smaller value has a higher priority.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p849010564113">1</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row111615525565"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.3.6.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p1711655217565">Description</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.3.6.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p1211611525564">(Optional) Supplementary information about the security group rule.</p>
<p id="SecurityGroup_0004__p6116175225613">The description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.6.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p3116115216568">-</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</li><li id="SecurityGroup_0004__li17702418175013">Click <strong id="SecurityGroup_0004__b8881259141016">OK</strong>.<p id="SecurityGroup_0004__p58147211519">The inbound rule list is displayed and you can view your added rule.</p>
</li><li id="SecurityGroup_0004__li117291459204218">On the <strong id="SecurityGroup_0004__b19622071118">Outbound Rules</strong> tab, click <strong id="SecurityGroup_0004__b962157101112">Fast-Add Rule</strong>.<p id="SecurityGroup_0004__p1964712134312">The <strong id="SecurityGroup_0004__b05251122191119">Fast-Add Outbound Rule</strong> dialog box is displayed.</p>
</li><li id="SecurityGroup_0004__li5604143282711">Configure required parameters.<div class="p" id="SecurityGroup_0004__p383322519611"><a name="SecurityGroup_0004__li5604143282711"></a><a name="li5604143282711"></a><div class="fignone" id="SecurityGroup_0004__fig15513445919"><span class="figcap"><b>Figure 2 </b>Fast-Add Outbound Rule</span><br><span><img id="SecurityGroup_0004__image85514105916" src="en-us_image_0000002065209133.png"></span></div>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0004__table0614192319232" width="90%" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Outbound rule parameter description</caption><thead align="left"><tr id="SecurityGroup_0004__row19614623202312"><th align="left" class="cellrowborder" valign="top" width="12.34%" id="mcps1.3.2.3.9.1.2.2.4.1.1"><p id="SecurityGroup_0004__p361592319230">Parameter</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.66%" id="mcps1.3.2.3.9.1.2.2.4.1.2"><p id="SecurityGroup_0004__p1961514231232">Description</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.3.9.1.2.2.4.1.3"><p id="SecurityGroup_0004__p1061552372311">Example Value</p>
</th>
</tr>
</thead>
<tbody><tr id="SecurityGroup_0004__row14676163319151"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p28238482155">Protocols and Ports</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p282334881515">Common protocols and ports are provided for:</p>
<ul id="SecurityGroup_0004__ul188239489152"><li id="SecurityGroup_0004__li1482384818154">Remote login and ping</li><li id="SecurityGroup_0004__li582394816156">Web services</li><li id="SecurityGroup_0004__li1782364810159">Databases</li></ul>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p282312485151">SSH (22)</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row86161423202313"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p28692212720">Type</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p1586122210715">Source IP address version. You can select:<ul id="SecurityGroup_0004__ul88619221475"><li id="SecurityGroup_0004__li986162218718">IPv4</li><li id="SecurityGroup_0004__li13864227714">IPv6</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p48618221379">IPv4</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row2617112315232"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p15617623172315">Destination</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p196171823152315">Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. You can specify:<ul id="SecurityGroup_0004__ul16177237233"><li id="SecurityGroup_0004__li8617323202310">xxx.xxx.xxx.xxx/32 (IPv4 address)</li><li id="SecurityGroup_0004__li10617152312231">xxx.xxx.xxx.0/24 (IPv4 address range)</li><li id="SecurityGroup_0004__li206171823182318">0.0.0.0/0 (all IPv4 addresses)</li><li id="SecurityGroup_0004__li6930529354">sg-abc (security group)</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p4617102352310">0.0.0.0/0</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row77156821619"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p461592313236">Priority</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p050041314189">Security group rule priority.</p>
<p id="SecurityGroup_0004__p206155235231">The priority value is from 1 to 100. The default value is 1 and has the highest priority. The security group rule with a smaller value has a higher priority.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p1361515237237">1</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row1090916103161"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p186151423182317">Action</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><div class="p" id="SecurityGroup_0004__p1480419441613">Allow or Deny<ul id="SecurityGroup_0004__en-us_topic_0118534005_ul1357316358171"><li id="SecurityGroup_0004__en-us_topic_0118534005_li12573935151710">If the <strong id="SecurityGroup_0004__b28963283610144">Action</strong> is set to <strong id="SecurityGroup_0004__b67915613310144">Allow</strong>, access from ECSs in the security group is allowed to the destination over specified ports.</li><li id="SecurityGroup_0004__en-us_topic_0118534005_li3131196111919">If the <strong id="SecurityGroup_0004__b140629103710144">Action</strong> is set to <strong id="SecurityGroup_0004__b163990541510144">Deny</strong>, access from ECSs in the security group is denied to the destination over specified ports.</li></ul>
</div>
<p id="SecurityGroup_0004__p0306172810410">Deny rules take precedence over allow rules of the same priority.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p196161230233">Allow</p>
</td>
</tr>
<tr id="SecurityGroup_0004__row196181723162317"><td class="cellrowborder" valign="top" width="12.34%" headers="mcps1.3.2.3.9.1.2.2.4.1.1 "><p id="SecurityGroup_0004__p2061811237237">Description</p>
</td>
<td class="cellrowborder" valign="top" width="69.66%" headers="mcps1.3.2.3.9.1.2.2.4.1.2 "><p id="SecurityGroup_0004__p0618182392312">(Optional) Supplementary information about the security group rule.</p>
<p id="SecurityGroup_0004__p16618823192317">The description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.3.9.1.2.2.4.1.3 "><p id="SecurityGroup_0004__p20618623202311">-</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</li><li id="SecurityGroup_0004__li154442011166">Click <strong id="SecurityGroup_0004__b89106590117">OK</strong>.<p id="SecurityGroup_0004__p1044172016164">The outbound rule list is displayed and you can view your added rule.</p>
</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0013.html">Managing Security Group Rules</a></div>
</div>
</div>
View Git Blame Copy Permalink