Default Security Group and Rules
- Inbound rules control incoming traffic to instances in the default security group. The instances can only communicate with each other but cannot be accessed from external networks.
- Outbound rules allow all traffic from the instances in the default security group to external networks.
Figure 1 shows the default security group.
- You cannot delete the default security group, but you can modify existing rules or add rules to the group.
- The default security group is automatically created to simplify the process of creating an instance for the first time. The default security group denies all external requests. To log in to an instance, add a security group rule by referring to Remotely Logging In to an ECS from a Local Server.
Table 1 describes the rules in the default security group.
Direction |
Action |
Type |
Protocol & Port |
Source/Destination |
Description |
|---|---|---|---|---|---|
Inbound |
Allow |
IPv4 |
All |
Source: default security group (default) |
Allows IPv4 instances in the security group to communicate with each other using any protocol over any port. |
Inbound |
Allow |
IPv6 |
All |
Source: default security group (default) |
Allows IPv6 instances in the security group to communicate with each other using any protocol over any port. |
Outbound |
Allow |
IPv4 |
All |
Destination: 0.0.0.0/0 |
Allows all traffic from the instances in the security group to any IPv4 address over any port. |
Outbound |
Allow |
IPv6 |
All |
Destination: ::/0 |
Allows all traffic from the instances in the security group to any IPv6 address over any port. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
