Deleting a Security Group Rule

Scenarios

If you no longer need a security group rule to control the traffic to and from the instances in a security group, you can delete it.

Notes and Constraints

Note that deleting a security group rule may interrupt your services or cause network security risks.

Security group rules are like a whitelist. If there are no rules that allow or deny some traffic, the security group denies all traffic to or from the instances in the security group.

The inbound rules in Table 1 ensure that instances in the security group can communicate with each other. Do not delete these rules.

The outbound rules in Table 1 allow all traffic from the instances in the security groups to external networks. If you delete these rules, the instances in the security group cannot access external networks.

**Table 1** Security group rules
Direction	Action	Type	Protocol & Port	Source/Destination
Inbound	Allow	IPv4	All	Source: current security group
Inbound	Allow	IPv6	All	Source: current security group
Outbound	Allow	IPv4	All	Destination: 0.0.0.0/0
Outbound	Allow	IPv6	All	Destination: ::/0

Procedure

Click in the upper left corner and select the desired region and project.
Click in the upper left corner and choose Networking > Virtual Private Cloud.
The Virtual Private Cloud page is displayed.
In the navigation pane on the left, choose Access Control > Security Groups.
The security group list is displayed.
In the security group list, click the name of the security group.
The security group details page is displayed.
Click the Inbound Rules or Outbound Rules tab as required.
The security group rule list is displayed.
In the security group rule list:
- To delete a single security group rule, locate the row that contains the rule and click Delete in the Operation column.
- To delete multiple security group rules, select multiple security group rules and click Delete in the upper left corner of the rule list.
Click Yes.