A security group is a virtual firewall for an ECS instance. This topic describes how to create a security group in the ECS console.


If you want to create a VPC-type security group, ensure that a VPC and a VSwitch have been created. For more information, see Create a Virtual Private Cloud and Create a VSwitch.


  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Network & Security > Security Groups.
  3. On the Security Groups page, click Create Security Group.
    The Create Security Group dialog box appears.
  4. In the Create Security Group dialog box, configure the following parameters:
    1. From the Template drop-down menu, select a suitable template to simplify security group rule configuration. For example, select Customize.
    2. In the Security Group Name text box, enter a valid name for the security group.
    3. From the Network Type drop-down menu, select VPC.
    4. From the VPC drop-down menu, select your VPC.
  5. Click OK.
    A pop-up message recommending you create security group rules appears.


After the security group is created, a new security group is added to the security group list.

What to do next

After creating a security group, it is recommended to immediately create security group rules. Otherwise, you may not be able to access the internal network or Internet. For steps, see Add Security Group Rules.