vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/eip/umn/qsg_0007.html
Qin Ying, Fan f906a2fa67 EIP UMN 20230106 version 
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2023-08-02 19:23:34 +00:00

116 lines
13 KiB
HTML
Raw Blame History

<a name="qsg_0007"></a><a name="qsg_0007"></a>
<h1 class="topictitle1">Step 5: Add a Security Group Rule</h1>
<div id="body8662426"><div class="section" id="qsg_0007__en-us_topic_0118646266_en-us_topic_0118534005_s480ea51d8f2542828c323c6c8eb50861"><h4 class="sectiontitle">Scenarios</h4><p id="qsg_0007__en-us_topic_0118646266_en-us_topic_0118534005_p19783555101313">After you create a security group, you can add rules to the security group. A rule applies either to inbound traffic or outbound traffic. After you add cloud resources to the security group, they are protected by the rules of the group.</p>
</div>
<div class="section" id="qsg_0007__en-us_topic_0118646266_en-us_topic_0118534005_section2999103814551"><h4 class="sectiontitle">Procedure</h4><ol id="qsg_0007__en-us_topic_0118534005_ol1527262085715"><li id="qsg_0007__en-us_topic_0118534005_li1827982595714">Log in to the management console.</li><li id="qsg_0007__en-us_topic_0118534005_li17604162711276">Click <span><img id="qsg_0007__en-us_topic_0118534005_en-us_topic_0118498823_image338921514480" src="en-us_image_0141273034.png"></span> in the upper left corner and select the desired region and project.</li><li id="qsg_0007__li65321958215">Click <span><img id="qsg_0007__en-us_topic_0118498850_image8750174734412" src="en-us_image_0000001520959725.png"></span> in the upper left corner and choose <strong id="qsg_0007__b17484122613101"><span id="qsg_0007__text3460153818360">Network</span><span id="qsg_0007__text109812398365"></span></strong> &gt; <strong id="qsg_0007__b14841266107">Virtual Private Cloud</strong>.</li><li id="qsg_0007__en-us_topic_0118534005_li15281162517570">In the navigation pane on the left, choose <strong id="qsg_0007__en-us_topic_0118534005_b366255371416">Access Control</strong> &gt; <strong id="qsg_0007__en-us_topic_0118534005_b134879352517">Security Groups</strong>.<p id="qsg_0007__en-us_topic_0118534005_p40747164518">The security group list is displayed.</p>
</li><li id="qsg_0007__en-us_topic_0118534005_li286122917579">Locate the row that contains the target security group, click <strong id="qsg_0007__en-us_topic_0118534005_b187966549020">Manage Rule</strong> in the <strong id="qsg_0007__en-us_topic_0118534005_b15796554807">Operation</strong> column.<p id="qsg_0007__en-us_topic_0118534005_p7920227204615">The page for configuring security group rules is displayed.</p>
</li><li id="qsg_0007__en-us_topic_0118534005_li1063572655813">On the <strong id="qsg_0007__b551684851817">Inbound Rules</strong> tab, click <strong id="qsg_0007__b15201148141819">Add Rule</strong>. In the displayed dialog box, set required parameters.<p id="qsg_0007__en-us_topic_0118534005_p10544530320">You can click <strong id="qsg_0007__en-us_topic_0118534005_b84235270617413">+</strong> to add more inbound rules.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="qsg_0007__en-us_topic_0118534005_table111445216564" width="90%" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Inbound rule parameter description</caption><thead align="left"><tr id="qsg_0007__en-us_topic_0118534005_row1811565205613"><th align="left" class="cellrowborder" valign="top" width="12.7%" id="mcps1.3.2.2.6.4.2.4.1.1"><p id="qsg_0007__en-us_topic_0118534005_p51151452125620"><strong id="qsg_0007__b919085682311">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.3%" id="mcps1.3.2.2.6.4.2.4.1.2"><p id="qsg_0007__en-us_topic_0118534005_p5115552175613"><strong id="qsg_0007__b686255612236">Description</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.2.6.4.2.4.1.3"><p id="qsg_0007__en-us_topic_0118534005_p711565219563"><strong id="qsg_0007__b151855718235">Example Value</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="qsg_0007__en-us_topic_0118534005_row9115105219562"><td class="cellrowborder" rowspan="2" valign="top" width="12.7%" headers="mcps1.3.2.2.6.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p151157525565">Protocol &amp; Port</p>
<p id="qsg_0007__en-us_topic_0118534005_p3510193211510"></p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.2.6.4.2.4.1.2 "><p id="qsg_0007__p1146312543"><strong id="qsg_0007__en-us_topic_0118534005_b1939852442315">Protocol</strong>: The network protocol. Currently, the value can be <strong id="qsg_0007__en-us_topic_0118534005_b1669245867">All</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b1236697418">TCP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b2013026164">UDP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b366913978">ICMP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b175264618215">GRE</strong>, or others.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.6.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p193908441914">Protocols/TCP (Custom ports)</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row6510532121511"><td class="cellrowborder" valign="top" headers="mcps1.3.2.2.6.4.2.4.1.1 "><p id="qsg_0007__p1465816448259"><strong id="qsg_0007__en-us_topic_0118534005_b20578501637">Port</strong>: The port or port range over which the traffic can reach your ECS. The value ranges from 1 to 65535. </p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.6.4.2.4.1.2 "><p id="qsg_0007__en-us_topic_0118534005_p1551023251511">22, or 22-30</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row1726912412166"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.2.6.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p1826920421620">Type</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.2.6.4.2.4.1.2 "><p id="qsg_0007__p2951114864918">The IP address type can be IPv4.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.6.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p848952751718">IPv4</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row511615528561"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.2.6.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p86899991813">Source</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.2.6.4.2.4.1.2 "><div class="p" id="qsg_0007__p1622184514267">Source of the security group rule. The value can be an IP address or a security group to allow access from IP addresses or instances in the security group. For example: <ul id="qsg_0007__en-us_topic_0118534005_ul12116352195619"><li id="qsg_0007__en-us_topic_0118534005_li0541721414">IP address:<ul id="qsg_0007__en-us_topic_0118534005_ul554172946"><li id="qsg_0007__en-us_topic_0118534005_li19301951584">Single IP address: 192.168.10.10/32</li><li id="qsg_0007__en-us_topic_0118534005_li530357816">All IP addresses: 0.0.0.0/0</li><li id="qsg_0007__en-us_topic_0118534005_li330351881">IP address range: 192.168.1.0/24</li></ul>
</li><li id="qsg_0007__en-us_topic_0118534005_li164031044185514">Security group: sg-A</li></ul>
</div>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.6.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p611613524569">0.0.0.0/0</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row111615525565"><td class="cellrowborder" valign="top" width="12.7%" headers="mcps1.3.2.2.6.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p1711655217565">Description</p>
</td>
<td class="cellrowborder" valign="top" width="69.3%" headers="mcps1.3.2.2.6.4.2.4.1.2 "><p id="qsg_0007__p15581050104410">Supplementary information about the security group rule. This parameter is optional.</p>
<p id="qsg_0007__p12581350124410">The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.6.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p3116115216568">-</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="qsg_0007__en-us_topic_0118534005_li111149545115">On the <strong id="qsg_0007__b048254932716">Outbound Rules</strong> tab, click <strong id="qsg_0007__b1488184914278">Add Rule</strong>. In the displayed dialog box, set required parameters.<p id="qsg_0007__en-us_topic_0118534005_p161151454111115">You can click <strong id="qsg_0007__en-us_topic_0118534005_b842352706174116">+</strong> to add more outbound rules.</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" id="qsg_0007__en-us_topic_0118534005_table0614192319232" width="90%" frame="border" border="1" rules="all"><caption><b>Table 2 </b>Outbound rule parameter description</caption><thead align="left"><tr id="qsg_0007__en-us_topic_0118534005_row19614623202312"><th align="left" class="cellrowborder" valign="top" width="12.55%" id="mcps1.3.2.2.7.4.2.4.1.1"><p id="qsg_0007__en-us_topic_0118534005_p361592319230"><strong id="qsg_0007__b882253418290">Parameter</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="69.45%" id="mcps1.3.2.2.7.4.2.4.1.2"><p id="qsg_0007__en-us_topic_0118534005_p1961514231232"><strong id="qsg_0007__b148275353294">Description</strong></p>
</th>
<th align="left" class="cellrowborder" valign="top" width="18%" id="mcps1.3.2.2.7.4.2.4.1.3"><p id="qsg_0007__en-us_topic_0118534005_p1061552372311"><strong id="qsg_0007__b133401538192919">Example Value</strong></p>
</th>
</tr>
</thead>
<tbody><tr id="qsg_0007__en-us_topic_0118534005_row76161523132311"><td class="cellrowborder" rowspan="2" valign="top" width="12.55%" headers="mcps1.3.2.2.7.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p1761652313238">Protocol &amp; Port</p>
<p id="qsg_0007__en-us_topic_0118534005_p4616323182310"></p>
</td>
<td class="cellrowborder" valign="top" width="69.45%" headers="mcps1.3.2.2.7.4.2.4.1.2 "><p id="qsg_0007__p51231113483"><strong id="qsg_0007__en-us_topic_0118534005_b114706499477">Protocol</strong>: The network protocol. Currently, the value can be <strong id="qsg_0007__en-us_topic_0118534005_b780249558">All</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b1240441724">TCP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b1528234674">UDP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b1970213765">ICMP</strong>, <strong id="qsg_0007__en-us_topic_0118534005_b1357743128">GRE</strong>, or others.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.7.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p157082238193">Custom TCP</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row5616723112313"><td class="cellrowborder" valign="top" headers="mcps1.3.2.2.7.4.2.4.1.1 "><p id="qsg_0007__p1059311444810"><strong id="qsg_0007__en-us_topic_0118534005_b385627877">Port</strong>: The port or port range over which the traffic can leave your ECS. The value ranges from 1 to 65535. </p>
</td>
<td class="cellrowborder" valign="top" headers="mcps1.3.2.2.7.4.2.4.1.2 "><p id="qsg_0007__en-us_topic_0118534005_p12616182311235">22, or 22-30</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row86161423202313"><td class="cellrowborder" valign="top" width="12.55%" headers="mcps1.3.2.2.7.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p12616122316237">Type</p>
</td>
<td class="cellrowborder" valign="top" width="69.45%" headers="mcps1.3.2.2.7.4.2.4.1.2 "><p id="qsg_0007__p716952614351">The IP address type can be IPv4.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.7.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p186177239234">IPv4</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row2617112315232"><td class="cellrowborder" valign="top" width="12.55%" headers="mcps1.3.2.2.7.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p15617623172315">Destination</p>
</td>
<td class="cellrowborder" valign="top" width="69.45%" headers="mcps1.3.2.2.7.4.2.4.1.2 "><p id="qsg_0007__p19953242144716">Destination of the security group rule. The value can be an IP address or a security group to allow access to IP addresses or instances in the security group. For example: </p>
<p id="qsg_0007__p19541742134718">For more information, see <em id="qsg_0007__i13232198133110">Virtual Private Cloud User Guide</em>.</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.7.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p4617102352310">0.0.0.0/0</p>
</td>
</tr>
<tr id="qsg_0007__en-us_topic_0118534005_row196181723162317"><td class="cellrowborder" valign="top" width="12.55%" headers="mcps1.3.2.2.7.4.2.4.1.1 "><p id="qsg_0007__en-us_topic_0118534005_p2061811237237">Description</p>
</td>
<td class="cellrowborder" valign="top" width="69.45%" headers="mcps1.3.2.2.7.4.2.4.1.2 "><p id="qsg_0007__p123911914114519">Supplementary information about the security group rule. This parameter is optional.</p>
<p id="qsg_0007__p16392314184512">The security group rule description can contain a maximum of 255 characters and cannot contain angle brackets (&lt; or &gt;).</p>
</td>
<td class="cellrowborder" valign="top" width="18%" headers="mcps1.3.2.2.7.4.2.4.1.3 "><p id="qsg_0007__en-us_topic_0118534005_p20618623202311">-</p>
</td>
</tr>
</tbody>
</table>
</div>
</li><li id="qsg_0007__en-us_topic_0118534005_li119223164159">Click <strong id="qsg_0007__b8450141519313">OK</strong>.</li></ol>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="qsg_0001.html">Quick Start</a></div>
</div>
</div>
View Git Blame Copy Permalink