Updated on 2024-03-30 GMT+08:00

Step 6: Add a Security Group Rule

Scenarios

Add an inbound security group rule to allow traffic to servers in the destination VPC.

Procedure

  1. Log in to the management console.
  2. Click in the upper left corner and select the desired region and project.
  3. Click Service List in the upper left corner. Under Network, select Virtual Private Cloud.
  4. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  5. Locate the row that contains the target security group, and click Manage Rule in the Operation column.

    The page for configuring security group rules is displayed.

  6. On the Inbound Rules tab, click Add Rule. In the displayed dialog box, configure required parameters.

    You can click + to add more inbound rules.

    Table 1 Inbound rule parameter descriptions

    Parameter

    Description

    Example Value

    Protocol & Port

    Protocol: network protocol

    The protocol can be All, TCP, UDP, ICMP, or GRE.

    TCP

    Port: the port or port range over which the traffic can reach your ECS

    Supported range: 1 to 65535

    22 or 22-30

    Type

    The IP address type. This parameter is available after the IPv6 function is enabled.
    • IPv4
    • IPv6

    IPv4

    Source

    The source of the security group rule

    The source can be an IP address or a security group to allow access from IP addresses or instances in another security group. For example:
    • xxx.xxx.xxx.xxx/32 (an IPv4 address)
    • xxx.xxx.xxx.0/24 (a subnet)
    • 0.0.0.0/0 (all IP addresses)
    • sg-abc (a security group)

    0.0.0.0/0

    Description

    (Optional) Supplementary information about the security group rule

    Enter up to 255 characters. Angle brackets (<>) are not allowed.

    N/A

  7. Click OK.