Help Center/ Virtual Private Cloud/ User Guide/ Access Control/ Security Group/ Managing Security Group Rules/ Enabling or Disabling One or More Security Group Rules
Updated on 2025-01-17 GMT+08:00
View PDF
Share

Enabling or Disabling One or More Security Group Rules

Scenarios

After a security group rule is added, it is enabled by default. You can enable or disable a security group rule as needed.
  • After a security group rule is disabled, it will not work. If all security group rules are disabled, traffic will be denied to reach or leave the instances in the security group. Disabling all rules may interrupt network traffic.
  • After a security group rule is enabled, it controls the network traffic from and to the instances in the security group.

To enable or disable a security group rule, see Enabling or Disabling a Security Group Rule.

To enable or disable multiple security group rules at a time:

Enabling or Disabling a Security Group Rule

  1. Log in to the management console.
  1. Click in the upper left corner and select the desired region and project.
  2. Click in the upper left corner and choose Networking > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  3. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  4. Locate the target security group and click its name.

    The security group details page is displayed.

  5. Click the Inbound Rules or Outbound Rules tab as required.

    The security group rule list is displayed.

  6. In the security group rule list:
    • Enable a security group rule.
      1. Locate the target security group rule, click More in the Operation column, and select Enable.

        A confirmation dialog box is displayed.

      2. Click OK.
    • Disable a security group rule.
      1. Locate the target security group rule, click More in the Operation column, and select Disable.

        A confirmation dialog box is displayed.

      2. Click OK.

Enabling or Disabling Multiple Security Group Rules Directly on the Console

  1. Log in to the management console.
  1. Click in the upper left corner and select the desired region and project.
  2. Click in the upper left corner and choose Networking > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  3. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  4. Locate the target security group and click its name.

    The security group details page is displayed.

  5. Click the Inbound Rules or Outbound Rules tab as required.

    The security group rule list is displayed.

  6. In the security group rule list, select the security group rules you want to enable or disable.
  7. In the rule list:
    • Enable security group rules.
      1. Above the security group rule list, choose More > Enable.

        A confirmation dialog box is displayed.

      2. Click OK.
    • Disable security group rules.
      1. Above the security group rule list, choose More > Disable.

        A confirmation dialog box is displayed.

      2. Click OK.

Enabling or Disabling Multiple Security Group Rules Using an Excel File

  1. Log in to the management console.
  1. Click in the upper left corner and select the desired region and project.
  2. Click in the upper left corner and choose Networking > Virtual Private Cloud.

    The Virtual Private Cloud page is displayed.

  3. In the navigation pane on the left, choose Access Control > Security Groups.

    The security group list is displayed.

  4. Locate the target security group and click its name.

    The security group details page is displayed.

  5. Click the Inbound Rules or Outbound Rules tab as required.

    The security group rule list is displayed.

  1. In the upper left corner above the security group rule list, click Batch Operations.

    The Batch Operations dialog box is displayed.

  2. Select either of the following methods:
    • Method 1: Click Download Template to download the Excel file to your local PC and fill in the security group rules to be enabled or disabled in the file.
    • Method 2: Export the existing rules to a local Excel file, filter the target rules and keep them as they are, and save the file.

    After the Excel file is ready, take step 9. The system then automatically selects the target rules based on the imported file.

  3. In the Batch Operations dialog box, click Select File.
    The system starts to match the rules in the Excel file against existing security group rules based on the priority, action, type, protocol & port, source, and destination.
    • If a rule in the Excel file matches an existing rule, Verified is displayed in the Result column. Only the matched rules can be enabled or disabled.
    • If a rule fails to be matched, the causes will be displayed in the Result column. The possible causes are as follows:
      • There is no such rule in this security group.
      • Inconsistent rule direction. For example, you perform the operation on outbound rules on the Inbound Rules tab, or the other way around.
      • Duplicate rules in the Excel file. The system automatically filters out the duplicate rules.
  4. Confirm the rules and click OK.

    The security group rule list page is displayed and the target rules are selected automatically.

  5. In the rule list:
    • Enable security group rules.
      1. Above the security group rule list, choose More > Enable.

        A confirmation dialog box is displayed.

      2. Click OK.
    • Disable security group rules.
      1. Above the security group rule list, choose More > Disable.

        A confirmation dialog box is displayed.

      2. Click OK.
Parent Topic: Managing Security Group Rules