Manage security groups

Last updated:2021-05-08 15:00:59

A security group is a stateful virtual firewall that is used to implement network access control over one or more EPC instances. For more information about security groups, see Overview of security groups.

When you create an EPC instance, you can associate one or more security groups with this instance, and add rules to the security groups to control the traffic that flows in and out of the EPC instance. Security group rules are matched from top to bottom.

Create a security group

  1. Log in to the EPC console.

  2. In the left navigation pane, click Security Group.

  3. Click Create Security Group.

  4. On the Create Security Group page, enter the security group name, select a VPC, and then configure a rule:

    a. On the Inbound Rules or Outbound Rules tab, click Add Line.

    b. Configure Protocol, Start Port, End Port, Source IP, and Remarks.

    c. Repeat the preceding steps to add more inbound or outbound rules.

    Note: A security group must contain at least one inbound or outbound rule.

  5. Click OK.

    The system starts to create the security group, and displays the Created successfully. message when the security group is created.

Edit inbound or outbound security group rules

The procedure of editing outbound rules is the same as that of editing inbound rules. This topic describes how to edit inbound rules.

  1. Log in to the EPC console.

  2. In the left navigation pane, click Security Group.

  3. Select the security group that you want to edit and then click Edit Inbound Rules above the list or click Edit Inbound Rules on the Inbound Rules tab.

  4. Edit existing inbound rules in the rule list and use other functions on the page to assist in editing the rules:

    • Add Line: Click Add Line to add a new rule to the list.

    • Export Rules: Click Export Rules to save the list of existing inbound rules as a .xlsx file, and edit and save the file locally.

    • Batch Import: Click Batch Import and select the file containing the new rule list to replace the list of current inbound rules.

  5. Click OK.

Copy a security group

You can copy existing security groups to other regions or VPCs.

  1. Log in to the EPC console.

  2. In the left navigation pane, click Security Group.

  3. Select the security group that you want to copy and click Copy Security Group.

  4. On the Copy Security Group page, complete the following configurations:

    • Select the target region and target VPC.
    • Enter the name of the new security group.
    • Edit inbound rules and outbound rules.
  5. Click OK.

    If the message Copied successfully. appears, it indicates that the security group has been copied. You can then view the copied security group information on the security group page.

Delete a security group

You can delete a security group that is no longer used. However, the default security group in a VPC cannot be deleted.

Prerequisites

The security group does not contain any EPC instance and KEC instance. Otherwise, the security group cannot be deleted. The procedure of removing an EPC instance from a security group is similar to that of removing a KEC instance. For more information, see Manage EPC instance members.

Procedure

  1. Log in to the EPC console.

  2. In the left navigation pane, click Security Group.

  3. Select one or more security groups that you want to delete and then click Delete.

  4. On the confirmation page, click Delete.

    If the message Deleted successfully. appears, it indicates that the security group has been deleted.

Manage EPC instance members

  1. Log in to the EPC console.

  2. In the left navigation pane, click Security Group.

  3. Select the security group that you want to manage, and then click Manage EPC above the list.

  4. On the Manage EPC page, click Add or Remove to manage EPC instances in this security group.
    The list on the left shows EPC instances that are not added to this security group, and the list on the right shows EPC instances that are added to this security group.

  5. Click OK.

Did you find the above information helpful?

Unhelpful
Mostly Unhelpful
A little helpful
Helpful
Very helpful

What might be the problems?

Insufficient
Outdated
Unclear or awkward
Redundant or clumsy
Lack of context for the complex system or functionality

More suggestions

0/200

Please give us your feedback.

Submitted

Thank you for your feedback.

问题反馈