You can modify a security group by adding and removing rules assigned to that group. Rules define which traffic is allowed to instances that are assigned to the security group.
- Log in to the VMware Integrated OpenStack dashboard as a cloud administrator.
- Select the project from the drop-down menu in the title bar.
- Select .
- Click the Security Groups tab.
- Select the security group to modify and click Manage Rules.
- To remove a rule, select the rule and click Delete Rule.
- To add a rule, click Add Rule and select the custom rule to add from the Rule drop-down menu.
Custom TCP Rule
Used to exchange data between systems and for end-user communication.
Custom UDP Rule
Used to exchange data between systems, for example, at the application level.
Custom ICMP Rule
Used by network devices, such as routers, to send error or monitoring messages.
You can manually configure a rule if the rule protocol is not included in the list.
- From the Remote drop-down list, select CIDR or Security Group.
- If applicable, select Ingress or Egress from the Direction drop-down menu.
For TCP and UDP rules, you can open either a single port or a range of ports. Depending on your selection, different fields appear below the Open Port list.
- Select the kind of access to allow.
CIDR (Classless Inter-Domain Routing)
Limits access only to IP addresses within the specified block.
Allows any instance in the specified security group to access any other group instance.
You can choose between IPv4 or IPv6 in the Ether Type list.
- Click Add.
The new rule appears on the Manage Security Group Rules page for the security group.