vpruthi/doc-exports
1
0
Fork 0
forked from docs/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/SecurityGroup_0003.html
Qin Ying, Fan 38a9f4a4f1 VPC UMN 20230106 version 
Reviewed-by: Hajba, László Antal <laszlo-antal.hajba@t-systems.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2023-06-14 19:36:52 +00:00

55 lines
4.9 KiB
HTML
Raw Blame History

<a name="SecurityGroup_0003"></a><a name="SecurityGroup_0003"></a>
<h1 class="topictitle1">Default Security Groups and Security Group Rules</h1>
<div id="body1529924412907"><div class="p" id="SecurityGroup_0003__p38211617154214">The system creates a default security group for each account. By default, the default security group rules:<ul id="SecurityGroup_0003__ul11516174719521"><li id="SecurityGroup_0003__en-us_topic_0073379079_li1351674713522">Allow all outbound packets: Instances in the default security group can send requests to and receive responses from instances in other security groups.</li><li id="SecurityGroup_0003__en-us_topic_0073379079_li15176291612">Deny all inbound packets: Requests from instances in other security groups will be denied by the default security group.</li></ul>
</div>
<div class="fignone" id="SecurityGroup_0003__fig997718156161"><span class="figcap"><b>Figure 1 </b>Default security group</span><br><span><img class="eddx" id="SecurityGroup_0003__image22171236172514" src="en-us_image_0000001230120807.png"></span></div>
<div class="note" id="SecurityGroup_0003__note154069174516"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="SecurityGroup_0003__ul13707733161311"><li id="SecurityGroup_0003__li04874352138">You cannot delete the default security group, but you can modify the rules for the default security group.</li><li id="SecurityGroup_0003__li157071633191312">If two ECSs are in the same security group but in different VPCs, the ECSs cannot communicate with each other. To enable communications between the ECSs, use a VPC peering connection to connect the two VPCs.</li></ul>
</div></div>
<p id="SecurityGroup_0003__p14738751115618"><a href="#SecurityGroup_0003__table493045171919">Table 1</a> describes the default rules for the default security group.</p>
<div class="tablenoborder"><a name="SecurityGroup_0003__table493045171919"></a><a name="table493045171919"></a><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0003__table493045171919" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Default security group rules</caption><thead align="left"><tr id="SecurityGroup_0003__row12930145141920"><th align="left" class="cellrowborder" valign="top" width="11.83%" id="mcps1.3.5.2.6.1.1"><p id="SecurityGroup_0003__p3930145118194">Direction</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.97%" id="mcps1.3.5.2.6.1.2"><p id="SecurityGroup_0003__p129301851131913">Protocol</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.5.2.6.1.3"><p id="SecurityGroup_0003__p093075141919">Port/Range</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25.22%" id="mcps1.3.5.2.6.1.4"><p id="SecurityGroup_0003__p149306511191">Source/Destination</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="35.980000000000004%" id="mcps1.3.5.2.6.1.5"><p id="SecurityGroup_0003__p99301851161916">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="SecurityGroup_0003__row17931125111193"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1593111518191">Outbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p19931105117191">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p15931651181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p179318515196">Destination: 0.0.0.0/0</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p49315518196">Allows all outbound traffic.</p>
</td>
</tr>
<tr id="SecurityGroup_0003__row109311451131911"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1293111513193">Inbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p1493105115194">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p1593155181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p593115141917">Source: the current security group (for example, sg-<em id="SecurityGroup_0003__i2138146127154428">xxxxx</em>)</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p2931151121912">Allows communications among ECSs within the security group and denies all inbound traffic (incoming data packets).</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
</div>
</div>
View Git Blame Copy Permalink