Help Center/ Huawei Cloud Flexus_Huawei Cloud Flexus X Instance/ User Guide/ Managing Server Security/ Configuring the Security Group for a FlexusX Instance/ Configuring Security Group Rules for a FlexusX Instance
Updated on 2025-07-29 GMT+08:00
View PDF
Share

Configuring Security Group Rules for a FlexusX Instance

Scenarios

Similar to a firewall, a security group is used to control network access. You can define access rules for a security group to protect the FlexusX instances in the group.

  • Inbound rules allow or deny incoming network traffic to FlexusX instances in the security group.
  • Outbound rules allow or deny outgoing network traffic from FlexusX instances in the security group.

For details about configuration examples, see Security Group Examples.

Procedure

  1. Log in to the FlexusX console. In the upper left corner, click and select a region.
  2. On the FlexusX Instances page, locate the FlexusX instance and click its name.

    The instance details page is displayed.

  3. On the detailed page, click the Security Groups tab and view security group rules.
  4. Click Manage Rule.

    The page for configuring security group rules is displayed.

  5. On the Inbound Rules tab, click Add Rule.

    The Add Inbound Rule dialog box is displayed.

  6. Configure required parameters.

    You can click + to add more inbound rules. For details about the parameters, see Adding a Security Group Rule.

    Figure 1 Adding an inbound rule
  7. On the Outbound Rules tab, click Add Rule.

    The Add Outbound Rule dialog box is displayed.

  8. Configure required parameters.

    You can click + to add more outbound rules. For details about the parameters, see Adding a Security Group Rule.

  9. Click OK.

    After allowing traffic over a port in a security group rule, you need to ensure that the port used by the instance is also opened. For details, see Verifying Security Group Rules.

Impacts of Deleting Common Security Group Rules

On the Inbound Rules and Outbound Rules tabs, you can also modify, replicate, or delete existing rules.

Deleting security group rules will disable some functions.

  • If you delete a rule with Protocol & Port specified as TCP: 20-21, you will not be able to upload files to or download files from servers using FTP.
  • If you delete a rule with Protocol & Port specified as ICMP: All, you will not be able to ping the servers.
  • If you delete a rule with Protocol & Port specified as TCP: 443, you will not be able to connect to websites on the servers using HTTPS.
  • If you delete a rule with Protocol & Port specified as TCP: 80, you will not be able to connect to websites on servers using HTTP.
  • If you delete a rule with Protocol & Port specified as TCP: 22, you will not be able to remotely connect to Linux servers using SSH.
  • If you delete a rule with Protocol & Port specified as TCP: 3389, you will not be able to remotely connect to Windows servers using RDP.

Helpful Links

Parent Topic: Configuring the Security Group for a FlexusX Instance