Help Center/
SAP Cloud/
SAP HANA User Guide (Single Node)/
Deployment/
Preparing Resources/
Creating a Subnet and Configuring a Security Group
Updated on 2022-12-08 GMT+08:00
Creating a Subnet and Configuring a Security Group
Procedure
- Create a subnet.
- Log in to the management console.
- Click
in the upper left corner and select a region and project. - In the navigation pane on the left, click
and choose . - Choose Subnets on the left of the page.
- In the upper right corner of the page, click Create Subnet.
- In the Create Subnet dialog box, configure parameters as prompted.
- VPC: Select the VPC created in Creating a VPC.
- AZ: specifies the AZ of the subnet.
- Name: Configure the subnet name that is easy to identify, for example, service_subnet.
- CIDR Block: Configure this parameter according to the deployment plan described in section Network Planning.
- Advanced Settings: Set it to Default.
- Click OK to complete the subnet configuration.
- Repeat 1.e to 1.g to create all required subnets according to the requirements specified in section Network Planning.
- Configure a security group.
You need to create a security group for all nodes in the SAP HANA system.
- Choose on the left and then click Create Security Group in the upper right corner. The Create Security Group dialog box is displayed.
- Set the following parameters as prompted:
- Template: The template contains security group rules, which help you quickly create a security group. The following templates are provided:
- Custom: This template allows you to create security groups with custom security group rules.
- General-purpose web server: The security group that will be created using this template is for general-purpose web servers and includes default rules that allow all inbound ICMP traffic and allow inbound traffic on ports 22, 80, 443, and 3389.
- All ports open: The security group that will be created using this template includes default rules that allow inbound traffic on any port. Allowing inbound traffic on any port may pose security risks. Exercise caution when using this template.
- Name: specifies the name of the security group. Name the security group that is easy to identify, for example, studio_security_group.
- Enterprise Project: You can add the security group to an enabled enterprise project. You can select an enterprise project from the drop-down list.
- Template: The template contains security group rules, which help you quickly create a security group. The following templates are provided:
- Click OK.
- Repeat 2.a to 2.c to create other security groups.
- In the navigation pane on the left, choose Access Control > Security Groups. In the security group list, click the security group to which you want to add an access rule.
- Click Add Rule on the Inbound Rules or Outbound Rules tab as planned.
- On the displayed page, add the rule according to the requirements specified in section Network Planning.
The default security group rules cannot be deleted.
- Repeat 2.e to 2.g to configure all security groups.
Parent topic: Preparing Resources
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
The system is busy. Please try again later.
For any further questions, feel free to contact us through the chatbot.
Chatbot
